Parties unknown have hacked websites belonging to various sites linked with Hong Kong's Occupy Central/Umbrella Revolution movements, inserting nasty malware onto them that attempts to take over readers' computers.
The report from Volexity documents the wide scope and scale of the compromises, many of which are live at this moment (don't click the links to the sites in the report unless you know what you're doing — stay safe). This report builds on the existing body of work about mobile malware that has raced through the Umbrella Revolution.
In the last week, Volexity also observed both the English and Chinese language websites for the Democratic Party Hong Kong compromised with the same malicious code found ont he ATD website (www.dphk.org | eng.dphk.org). DPHK is a pro-democracy political party in Hong Kong. Like the ATD website, at the time of this writing the DPHK websites are also serving up malicious code, so please browse with caution. During our research for this post, we also became aware of multiple public reports related to the compromise of the DPHK website on both Twitter and via ThreatConnect. Our good friend Claudio Guarnieri posted the following tweet on October 3, 2014
Democracy in Hong Kong Under Attack [Steven Adair/Volexity]
(Image: Umbrella Revolution-3255.jpg, Doctor Ho, CC-BY-SA)