Caribbean News Now!

About Us Contact Us

Countries/Territories

Jump to your country or territory of interest

Advertise with us

Reach our daily visitors from around the Caribbean and throughout the world. Click here for rates and placements.

Contribute

Submit news and opinion for publication

Subscribe

Click here to receive our daily regional news headlines by email.

Archives

Click here to browse our extensive archives going back to 2004

Also, for the convenience of our readers and the online community generally, we have reproduced the complete Caribbean Net News archives from 2004 to 2010 here.

Climate Change Watch

The Caribbean is especially vulnerable to rising sea levels brought about by global warming. Read the latest news and information here...

Follow Caribbean News Now on Twitter
Connect with Caribbean News Now on Linkedin
Instagram



News from the Caribbean:




Technology
Prev    Next
Clipboard virus belatedly removed from Cuban government website
Published on September 13, 2016Email To Friend    Print Version

acn_screenshot.jpg
Screenshot of the acn.cu website on September 4, 2016, showing the security warning message as originally reported by Caribbean News Now

By Caribbean News Now contributor

HAVANA, Cuba -- A clipboard virus that appeared to be capable of attacking vulnerable computers that had visited the Cuban government information service website (acn.cu) was belatedly removed a day after Caribbean News Now had raised the issue for the second time last week and after denials from the Cuban authorities that the problem existed in the first place.

In our first report, it was noted that the unique clipboard virus acted by launching a permission pop up (on the ACN website) that seemingly gave users an option either to allow it to control their computer clipboard data or to refuse permission.

However, although it was expected that most users would have instinctively clicked the “Don’t allow” option button on the pop up, researchers pointed out that even that option was encrypted with reversed coding that would in any case provoke a forced install via vulnerable browsers.

The analysis of the infection was done by the Guyana-based cyber security firm and regional anti-virus producer Computer Care, with some assistance from the international cyber security community.

Their analysis at the time had revealed that the virus was designed to take unauthorized control of a computer clipboard. Thereafter, it can then create a backdoor on a computer so as to allow for captured information to be sent out to a remote server, in the same way that internet traffic flows in.

The research, which was headed by Guyana-born software security analyst, Dennis Adonis, who is also the lead anti-virus developer and owner of Computer Care - Guyana, had determined that the infection could have either been planted by another foreign government or rogue group as part of a cyber warfare strategy or even by Cuban cyber intelligence experts themselves.

Adonis himself has previously worked with the cyber security units of several government agencies worldwide since 2012, and is said to have significant working knowledge in matters pertaining to underground cyber snooping. Hence his opinion on back-door cyber security matters is often considered by most cyber security agencies.

However, officials from the Cuban government side, along with regional apologists and supporters of the Communist regime, were critical of Adonis’ findings and had claimed that he had more than likely mistaken a minor Joomla platform bug for an infection – an erroneous result factor that is known as a “false-positive” in any sort of testing or research process.

Moreover, they insisted that there was no pop up security warning in the first place, despite easily demonstrated evidence to the contrary. In fact, the browser security warning still appeared on the ACN website for several days after our first article appeared and was only removed after we pointed out in a second article that it was still evident, notwithstanding claims to the contrary.

acn_screenshot9-6.jpg
A second screenshot of the acn.cu website still showing the security warning message on September 6, 2016, even after the publication of a denial that any such security risk existed. The security alert was no longer evident the following day

Additionally, after other news agencies, including BBC News, and the New York Times, became interested in the story, one of them indicated to us that they were still able to find digital footprints of the infection.

Contacted for a further comment on the matter, Adonis’s anti-virus company reiterated that they are confident of their findings, and remained steadfast in their opinion of their original research.

The company explained that though the clipboard virus itself is not unique to the ACN website, its objectives and algorithm were.

In their opinion, this would have meant that someone must have altered the original clipboard virus to append Trojan functionalities and other classes of cyber-bots to it.

Since the publication of the original article, Adonis’ company is said to have received more than two dozen requests from cyber security officials across 20 countries, but was only willing to share the analysis with three of them.

While several media houses had also requested samples of the analysis, approval was only given to a cyber security researcher at the BBC, and another at the New York Times.

Questioned on whether his company may be inclined to share his findings with the Cuban government, Adonis said that once his company considers the credibility of the request, he would definitely do so.

Cyber attacks and infections on government websites has been a growing problem for cyber security experts all over the world.

It is estimated that at least 100 to 200 government affiliated websites worldwide are successfully infected with some sort of malicious code daily.

However, cyber security engineers usually manage to recognize and remove most of the infections before they can achieve their goals.

Related articles:
Thousands of computers possibly infected after visiting Cuban government website
Cuban News Agency refutes accusation of spreading internet virus
 
Reads : 8529






Click here to receive daily news headlines from Caribbean News Now!



Back...

Comments:

No comments on this topic yet. Be the first one to submit a comment.

Back...

Send us your comments!  

Send us your comments on this article. All fields are required.

For your contribution to reach us, you must (a) provide a valid e-mail address and (b) click on the validation link that will be sent to the e-mail address you provide.  If the address is not valid or you don't click on the validation link, it will be a waste of your time typing your submission because we will never see it!

Your Name:

Your Email:

(Validation required)

Comments:
Enter Code *

 


Prev    Next

 






Other Headlines:



Regional Sports:




Warning: Unknown: open(/home/caribnow/public_html/news/_files/session/sess_24pvjrr03oi0bhssnvukl2cdi1, O_RDWR) failed: No space left on device (28) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/home/caribnow/public_html/news/_files/session) in Unknown on line 0