CRN reports that hackers with a possible relationship to the Chinese government attacked 3 large U.S. companies with a malware called Javafog. This malware installs backdoors via a vulnerability in Oracle Java and flaws in Microsoft Office. But why to attack them directly, when one can use service providers?
Resellers and managed security service providers (MSSPs) that work with clients that have ties to larger firms can find themselves targeted by advanced persistent threats, according to solution providers. Ongoing attacks have targeted government contractors, ship-building companies and high-tech manufacturers, but the cybercriminals often choose to first attack smaller partners — including IT service providers — to glean information on their ultimate target, said Rob Delevan, information technology consultant at Wasatch I.T., a Kaspersky Lab partner.
Another Malware has been identified, which infects Apples Mac OS X. It is named Macfog.