Chinese hackers used Microsoft TechNet platform to hide malware distribution

As companies and governments around the world continue to improve their security in response to the threat posed by individuals, groups and state-sponsored hackers, the makers of the world’s most malicious software need to evolve their game too. Which is what appears to have happened in the case of Chinese hacking collective APT17, also known as Deputy Dog, which used Microsoft’s own TechNet support network to hide its activity.

This wasn’t a case of a man-in-the-middle attack against the site’s members though, nor was it a compromise of Microsoft servers, but instead was a use of public accounts to obfuscate the group’s actions. Using its latent talents, APT17 set up standard profiles on the TechNet website and then filled them with malware, according to a FireEye report.

This wasn’t just an attack designed to go after TechNet members. What makes this particular hack so dangerous is that it was able to keep itself hidden thanks to the use of the support platform.

The particular malware that the group proliferated around the TechNet site was a variant of the BLACKCOFFEE malware. While that sort of nefarious software was detectable by botnet hunters, it took some time for it to be discovered, as most trackers considered TechNet traffic to be a secure source and not likely to have been compromised.

Fortunately it was eventually discovered and stamped out by Microsoft and FireEye in late 2014. In a bit of poetic justice, they gave APT17 a taste of its own medicine, with counter-malware code added to the TechNet profiles, which allowed those chasing the hackers to learn about the malware being used and who it may have affected.

Through its announcement and accompanying break-down of these techniques, FireEye hopes that it can warn other platform providers to be on the lookout for such malware hiding techniques — though it’s hardly a poor advert for the firm’s services either.

