The protests, which started in September 2014, lost steam midway, only to gather momentum again from 10th October.

These attempts at exploitation, compromise, and digital surveillance are detailed throughout this post.

ATD is an alliance of people and organizations dedicated to democracy and universal suffrage in Hong Kong.

Four Hong Kong Pro-Democracy websites compromised

Volexity refers to this shell as the Angel Webshell, named after its default password of angel.

The shell will simply display the text Password:, a text input box, and a Login button.

A screen shot of the webshell as observed on the ATD website can be seen below.

According to Volexity, the Peoples Power website contains a malicious iframe.

The malicious iframes point to exploit pages.

The bad links have been shortened through the Chinese URL shortening service 985.so so as to evade detection.
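For site owners, the injected iframes described above can be checked for directly in served HTML. The following is an added example, not code from Volexity or the original article: it lists every iframe whose source is a URL shortener or an off-site host. The function names, the sample page and every host other than 985.so are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# 985.so is the shortener named in the article; extend the set from your own intel.
SHORTENER_HOSTS = {"985.so"}

class IframeAudit(HTMLParser):
    """Collect the src of every <iframe> found in a page."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())

def audit_iframes(html, site_host):
    """Return (src, reason) findings for iframes that deserve review."""
    parser = IframeAudit()
    parser.feed(html)
    findings = []
    for src in parser.sources:
        # Scheme-relative URLs (//host/path) yield a host; relative paths do not.
        host = (urlparse(src).hostname or "").lower()
        if not host:
            continue  # same-origin relative frame
        if host in SHORTENER_HOSTS or any(host.endswith("." + s) for s in SHORTENER_HOSTS):
            findings.append((src, "shortener"))
        elif host != site_host and not host.endswith("." + site_host):
            findings.append((src, "off-site"))
    return findings

# Constructed sample page; hosts and paths are placeholders, not indicators from the article.
SAMPLE_HTML = """
<html><body>
<iframe src="/widgets/calendar.html"></iframe>
<iframe src="https://media.example.org/player"></iframe>
<iframe src="http://985.so/EXAMPLE" width="0" height="0"></iframe>
<iframe src="//cdn.thirdparty.example/embed"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for src, reason in audit_iframes(SAMPLE_HTML, "example.org"):
        print(f"{reason:10} {src}")
```

Running this against each published page and comparing the findings with a reviewed allowlist makes a newly injected frame stand out, whatever the shortened link resolves to.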

If successful, the exploits will install either a 32-bit or 64-bit version of the malware, Adair says.

source: www.techworm.net