Last Monday, Reserve Bank of Australia (RBA) said that few of its computers had been targeted by Chinese-developed malware.
The incident, reported in the Australian Financial Review on Monday, took place in November 2011. That time, a Chinese-developed malware attacked a number of computers of the RBA in order to collect sensitive information of the bank. The malicious software was embedded in a hyperlink of an email sent from a “possibly legitimate” external account purported to belong to a senior bank official. The email with subject line “Strategic Planning FY2012” was sent to several RBA staffers and had legitimate email signature. Though the malware consisted of a web address that linked to a zip file that contained a Trojan, but unfortunately at that time the anti-virus program could not detect it.
Six staffs clicked on that link contained in the mail and in no time the malware became activated and started to search intelligence information as well as some other information related to the G-20 summit, where China’s exchange rate and currency reserves were part of the meeting’s agenda. But, luckily none of the computers had local administrator rights. As soon as RBA came to know the matter, it immediately identified all the affected systems and removed from the network subsequently. So the malware spy program could not do any malice.
But when RBA was asked to comment on whether any or what information was stolen, which executives within the bank were targeted, and over what period the assailants had access to its systems, the bank clearly denied to say further.