SAN FRANCISCO — Computer intruders targeting pro-Tibetan groups, U.S. defense contractors and government agencies slipped in through previously unknown security holes in Microsoft Office, prompting Microsoft to issue a flurry of patches to the popular software suite in 2006 and 2007, according to computer security experts.
These attacks, which appeared to have originated in China, began in early 2006 when the attackers started sending e-mails to victims with booby-trapped Word documents and Excel spreadsheets attached.
“We are seeing more and more spying done with Trojans, a shift that has happened in the last two years,” Mikko Hyppönen, the chief research officer for software security vendor F-Secure, told RSA conference attendees Thursday morning.
The Pentagon and pro-Tibet groups have previously acknowledged the intrusions, but Hyppönen is the first to link the cyber espionage to a series of patches that Microsoft pushed out without explanation. Microsoft did not immediately reply to a request for comment.
Curious run of events here, as China is using regualr holes to get at the “terrorists” (i.e. “splittest” in Chinese).