Industry News

Japan’s Finance Ministry Spied On by Trojan for Two Years

Japan’s Finance Ministry recently discovered a data-leaking Trojan on its computers that has been running for almost two years. During a security sweep of their network infrastructure, a third-party security firm found the Trojan and notified the institution.

Of the 2,000 computers checked, 123 were infected with the Trojan that appeared to be present since January 2010. The Finance Ministry said no taxpayer details were exposed and it’s likely that only documents regarding meetings were exposed.

It is not that the personal information that we have was widely leaked,” one official told reporters.

The most recent infection detected took place in November 2011, but that doesn’t mean information was not accessed via previously installed Trojans. No other attacks were reported after November 2011, indicating that interest may have subsided after the two-year spree.

The antivirus solution on the infected machines seems to have been ineffective in detecting the Trojan, indicating a higher level of sophistication in the attack. Japan’s government only stated that infected computers belonged to junior staff, implying that access to vital information was severely restricted.

Infected hard disk drives were removed, severing all Trojan activities with attacker-controlled servers. Although the official report depicts Anonymous as the primary suspect, the modus operandi of the organization has always been DDoS attacks and not hidden Trojans.

About the author

Liviu ARSENE

Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in geek universe.

1 Comment

Click here to post a comment
  • “The antivirus solution on the infected machines seems to have been ineffective in detecting the Trojan, indicating a higher level of sophistication in the attack.”

    or… they chose a bad antivirus, deactivate/close some of av function for not slowing down pc