Malware slurps rocket data from Japanese space agency

Secrets of Epsilon go out the door


Malware on a computer in the Japan Aerospace Exploration Agency (JAXA) has been stealing data on the latest Nipponese solid-fuel rocket system.

JAXA said that a security sweep of its systems on November 21 showed that a single computer had been subverted by the malware, and it was not clear if this was a targeted cyber-attack for espionage purposes. But data on Japan's Epsilon rocket system, which JAXA has spent ¥15bn developing, had been sent out of the organization to persons unknown.

The Epsilon program is building an advanced solid-fuel rocket that can further Japan's space-exploration and satellite industry. But unfortunately, governments around the world would also be interested in the technology for military purposes.

Solid-fuel rockets have a number of advantages over other designs. Liquid-fueled rockets don't make a good mobile-missile solution, and can't sit around long when fueled up since the liquids involved are highly corrosive. With solid fuel you can assemble the missile and it's ready to go whenever.

The first Epsilon rocket is close to takeoff, with the first launch scheduled for next summer. By this time almost all of the final testing will have been carried out, and if the attackers were interested in espionage, they may have got hold of some very valuable data indeed.

This is the second time JAXA has been hit in this way. In January the agency reported a similar malware data loss, that time for its H-II cargo transfer vehicle. ®

Biting the hand that feeds IT © 1998–2022