Ars Technica is reporting that the attack on Google, announced a few days ago on the Google Blog, has disturbingly been traced back to the Chinese government, according to VeriSign's iDefense security lab, which traced the attack to its origin.
iDefense researchers at VeriSign were able to trace the control servers that distributed the malware which gained access to private customer and corporate Google data. VeriSign does not hesitate to point out that the Chinese government was the source of the attacks. "The source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof," reads the report.
The report goes on to point out that the attack was executed using infected PDF files that were designed to exploit a vulnerability in Adobe's PDF reader and distribute malware across PCs.
The researchers also found strong similarities between the attack on Google and one that was performed in July against US companies: both attacks were managed through the same servers. "The servers used in both attacks employ the HomeLinux DynamicDNS provider, and both are currently pointing to IP addresses owned by Linode, a US-based company that offers Virtual Private Server hosting. The IP addresses in question are within the same subnet, and they are six IP addresses apart from each other," the report says. "Considering this proximity, it is possible that the two attacks are one and the same, and that the organizations targeted in the Silicon Valley attacks have been compromised since July."
If all the claims in the report are correct, it suggests that the Chinese government has been attacking companies across the world for months in a campaign of industrial espionage.
Adobe has claimed that the PDFs were not used to distribute the malware. In a press statement shortly after the report's release, Adobe announced they have found no evidence that a PDF flaw was used to perform attacks in this incident. China responded to Google's claims in a brief statement yesterday, stating "The Chinese government administers the Internet according to law and we have explicit stipulations over what content can be spread on the Internet."