US software firm hacked for years after suing China

Solid Oak nearly went under after three years of persistent attack


A Californian software company which sued the Chinese government for pirating its flagship content filtering product has revealed how it was targeted by hackers from the People’s Republic for the three years of the resulting legal proceedings.

Santa Barbara-based Solid Oak Software filed the civil lawsuit against China after discovering thousands of lines of code from its parental filtering CYBERsitter had been lifted and used to develop the Green Dam Youth Escort – Chinese software which was originally intended to be rolled out nationally by the government.

Just 12 days after Solid Oak founder Brian Milburn went public with his intentions, the hackers began targeting his employees with a view to infiltrating the company, gleaning intelligence about the court case and disrupting sales as much as possible, Bloomberg reported.

“It felt like they had a plan,” Milburn told the newswire. “If they could just put the company out of business, the lawsuit goes away. They didn’t need guys with guns or someone to break my kneecaps.”

The attackers made initial incursions with spyware hidden in malicious email attachments and were soon able to remotely control PCs and switch on webcams to spy on individuals. They also apparently went after Solid Oak’s law firm in the hope of lifting documents which they believed may have helped in the upcoming court case.

Solid Oak’s web and email servers were also targeted, frequently crashing several times a day, and the small family-run business dived into the red as customers looking to buy the software online were not able to complete their transactions thanks to some tinkering with the script that controlled payment processing, Bloomberg said.

Forensic investigators told the newswire that the malware and attack toolkits they found on Solid Oak’s network and servers were unique to Chinese hackers known as the Comment group – a gang fingered for attacks on Coca Cola and others revealed earlier this month.

In the end Solid Oak survived by the skin of its teeth, with Milburn and his staff forced to share documents on webmail and Dropbox in an attempt to thwart their foes.

Within two months of a settlement in the case , the attacks reportedly stopped. ®

Similar topics

Broader topics


Other stories you might like

  • Verizon: Ransomware sees biggest jump in five years
    We're only here for DBIRs

    The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

    Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

    According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

    Continue reading
  • Slack-for-engineers Mattermost on open source and data sovereignty
    Control and access are becoming a hot button for orgs

    Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

    These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

    "Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

    Continue reading
  • UK government having hard time complying with its own IR35 tax rules
    This shouldn't come as much of a surprise if you've been reading the headlines at all

    Government departments are guilty of high levels of non-compliance with the UK's off-payroll tax regime, according to a report by MPs.

    Difficulties meeting the IR35 rules, which apply to many IT contractors, in central government reflect poor implementation by Her Majesty's Revenue & Customs (HMRC) and other government bodies, the Public Accounts Committee (PAC) said.

    "Central government is spending hundreds of millions of pounds to cover tax owed for individuals wrongly assessed as self-employed. Government departments and agencies owed, or expected to owe, HMRC £263 million in 2020–21 due to incorrect administration of the rules," the report said.

    Continue reading

Biting the hand that feeds IT © 1998–2022