Education

Trojan Infects Computers at 9 Universities, 60 Internet Cafés

29 January - 4 February 2019

A trojan known as XinGe (鑫哥) has infected at least 75,000 computers at nine universities and over 60 Internet cafes in China. The campaign is believed to have started in September 2018, with the majority of the infections located in Guangdong province. The initial infection vector is unknown, but the trojan is downloaded using publicly available software known as the Ruiqi diskless system. XinGe is capable of hijacking websites by tampering with DNS network settings. This allows hackers to steal host information such as machine name, MAC address, intranet IP, and external network IP. The trojan also monitors QQ communication after stealing login credentials and retrieving QQ chat logs.

References:
[1] XinGe Trojan Hijacks over 60 Internet Cafes, Affects Computers in 9 Universities (Translated)
 
 
 
 
 
