U.S. law firm behind China piracy suit targeted in attacks
It's unknown whether an e-mail attack targeted at firm's lawyers is related to the mid-December attacks on Google and other companies that also originated in China.
A U.S. law firm representing a Web content-filtering company in a piracy lawsuit against the Chinese government said on Wednesday that it received malicious e-mails in a targeted attack from China similar to recent attacks on Google and other U.S. companies.
At least 10 employees at Gipson Hoffman & Pancione received the e-mails on Monday and Tuesday, according to Gregory Fayer, a lawyer at the Los Angeles-based firm.
The firm filed a $2.2 billion lawsuit last week on behalf of Solid Oak Software against the Chinese government, two Chinese software developers, and seven PC manufacturers. The suit alleges that they illegally copied code from Solid Oak's Cybersitter Web content-filtering program and distributed the code as part of a Chinese government-sponsored censorship program involving China-created Green Dam Youth Escort filtering software.
The e-mails sent to the law firm, mostly to lawyers, came in three different formats, were made to look like they came from Fayer or one of two other lawyers at the firm, and had attachments or included links to outside Web sites, Fayer said. Some of the content of the e-mails expressed concern over viruses and other potential security issues, while another gave a link to an FTP site where large files could be downloaded, he said.
Fayer said he could not say what format the attachments were in or what malware was hiding inside other than that it was a Trojan horse.
The servers where the Trojans were located were found to be within China, and the traffic was traced through ISPs back to China, he said. "We don't know who is behind it," he added.
"As far as we know, no one has actually been duped by the e-mails" by clicking on the files or downloading anything, Fayer said.
He also said the attack was more sophisticated than one from China that targeted Solid Oak in June after researchers said they discovered Cybersitter code in the Green Dam software.
He could not speculate whether or not the attack on his law firm was related to the targeted attacks on Google, Adobe, and more than 30 other U.S. companies that were disclosed on Tuesday.
The U.S. FBI is investigating the attacks on Gipson Hoffman & Pancione, and members of the U.S. House of Representatives' Intelligence Committee also have been notified, according to the law firm. Representatives from the FBI in Los Angeles and the House Intelligence Committee could not be reached for comment on Wednesday evening.
Under China's censorship program, the government initially required that the Green Dam software be installed on all PCs sold in the country. Later, the government backtracked and said it need only be on computers in schools and Internet cafes. The lawsuit alleges that some of the defendant PC makers, which include Sony, Toshiba, Lenovo, and Acer, continued to ship PCs to consumers with the software installed even after the policy change.