U.S. Software Firm Hacked for Years after Suing China

A Californian software company which sued the Chinese government for pirating its flagship content filtering product has revealed how it was targeted by hackers from that country for the three years of the resulting legal proceedings. Santa Barbara, Calif.-based Solid Oak Software filed the civil lawsuit against China after discovering thousands of lines of code from its parental filtering CYBERsitter had been lifted and used to develop the Green Dam Youth Escort. Just 12 days after Solid Oak’s founder went public with his intentions, the hackers began targeting his employees with a view to infiltrating the company, gleaning intelligence about the court case and disrupting sales as much as possible. The attackers made initial incursions with spyware hidden in malicious email attachments and were soon able to remotely control PCs and switch on webcams to spy on individuals. The Solid Oak Web and email servers were also targeted, frequently crashing several times a day, and the small family-run business dived into the red as customers looking to buy the software online were not able to complete their transactions thanks to some tinkering with the script that controlled payment processing. Forensic investigators said that the malware and attack toolkits they found were unique to Chinese hackers known as the Comment group, a gang associated with attacks on Coca Cola and others revealed earlier in November. Within two months of a settlement in the case, the attacks reportedly stopped.