Threat Management, Threat Intelligence, Malware

Trojan found on Japanese government computers

Share

Parliament in Japan has been rocked after malware was found on three computers and a server, possibly compromising usernames and passwords used access internal documents and emails.

Data from 480 of Japan's Lower House members was reported by local media to have been compromised, but investigators had not found evidence it was stolen. The trojan has been linked to a command-and-control server based in China, Ashai Japan Watch reported.

The infection lasted for at least a month, until August, and began after a member had opened a malicious email attachment . Security software failed to stop the trojan from downloading additional "data stealing" software.

A Lower House committee held a meeting this week to investigate the incident. Chief Cabinet Secretary Osamu Fujimura said the government would take "all possible measures" to improve security, Ashai reported.

In response, members were asked to change passwords ahead of the normal three-month cycle. Ashai sources said hackers were able to access data using stolen credentials "without leaving any trace of illegal access."

Lawmakers use the computers to email government agencies and other Parliament members. The machines also store personal information about support groups, political accounting, and donations.

The attack comes on the heels of a malware infection that spread through machines owned by Japan's biggest defense contractor and Boeing partner Mitsubishi Heavy Industries. In that case, the company detected up to eight different instances of malware, including trojans and keyloggers, in factories used to manufacture submarines, missiles and nuclear power plant components.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.