Chinese hackers use India’s own thumb drives against them

Mike Wehner, Tecca
Technology News Blog

In a move straight out of a spy novel, Chinese hackers used some serious technical trickery to steal information from India's Navy regarding a new nuclear submarine. The Indian Express reports that India's Eastern Naval Command was the target of a Chinese-made computer bug that was able to infiltrate computers that weren't even connected to the internet.

Here's how it worked: The malicious program was initially planted on internet-connected computers in and around India's Naval base and laid dormant until a portable USB drive was plugged in to the machine. Once the flash drive was present, the bug made its home on the tiny device and waited until it is plugged in elsewhere. The virus then searched for keywords — in this case, information on a new nuclear submarine being tested in India — and copied as much as it could.

Indian Naval officers made the mistake of taking thumb drives they had used on a web-connected machine and plugged them in to computers that contained sensitive data on the new sub. India's Navy uses computers with no internet connection to store this important data, but that didn't stop the virus from completing its task.

Once the nefarious program had the information it needed, it again waited until it was plugged in to an internet-connected computer. Once a healthy connection was found, the software immediately relayed the data back to its creators in China. Naval officials aren't detailing exactly how much information was leaked, but as this is India's very first foray into the nuclear-powered submarine arena, any and all data is considered to be top secret.

[via Ars Technica]

This article was written by Mike Wehner and originally appeared on Tecca

More from Tecca: