Security researcher Eric Romang continues to investigate the campaign

Jan 4, 2013 08:44 GMT  ·  By

Eric Romang, the researcher that has analyzed the recent Council on Foreign Relations (CFR) watering hole attacks, has found a couple of additional websites targeted in this campaign.

One of them is the site of Taiwanese travel agency PHIL-AM Tour (philam.com.tw). Fortunately, the website has been cleaned up.

The second website, which still hosts the malicious webpage, belongs to a dissident Uygur group known as Uygur Haber Ajansi (uygurunsesi.com). This isn’t the first time when an Uygur ethnic group is targeted by cybercriminals.

The fact that this particular site has been compromised once again shows that the main targets of this operation are related to China.

Similar to the Capstone Turbine Corporation, another organization found to be targeted in this watering hole attack, the site of Uygur Haber Ajansi previously hosted the Internet Explorer exploit identified back in September.