Malicious software likely linked to China is being used to infect visitors to a wide range of official Afghan government websites, U.S. cybersecurity researchers say.
ThreatConnect, a Virginia-based cybersecurity firm, said its researchers last week found a corrupted JavaScript file that is being used to host content on "gov.af" websites, and there are no antivirus protections available for the malware.
Rich Barger, chief intelligence officer of ThreatConnect, told Reuters his company was confident the new campaign, "Operation Poisoned Helmand," was linked to the "Poisoned Hurricane" campaign detected last summer by another security firm, FireEye, that linked it to Chinese intelligence.