It's 2008 and I'm stumbling upon yet another decent portfolio of compromised malware-serving Chinese government Web sites. In this post I'll discuss in-depth the campaign and provide actionable intelligence on the infrastructure behind it.
Compromised Chinese government Web site:
hxxp://nynews.gov.cn
Sample malicious domains known to have participated in the campaign:
hxxp://game1983.com/![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
↧