From The NY Times:
Chinese hackers have found a way around widely used privacy technology to target the creators and readers of web content that state censors have deemed hostile, according to new research.
The hackers were able to circumvent two of the most trusted privacy tools on the Internet: virtual private networks, or VPNs, and Tor, the anonymity software that masks a computer’s true whereabouts by routing its Internet connection through various points around the globe, according to findings by Jaime Blasco, a security researcher at AlienVault, a Silicon Valley security company.
As long as visitors to those websites were also logged into one of 15 Chinese Internet portals — including those run by Baidu, Alibaba and RenRen — the hackers were able to steal names, addresses, sex, birth dates, email addresses, phone numbers and even the so-called Internet cookies that track other websites viewed by a user.
To get around the Tor and VPN technology, the attackers relied on a server software vulnerability that China’s top companies apparently didn’t patch, Mr. Blasco said.
Read the Complete NYT Article
See Also: Here’s a Link to the Blog Post From AlienVault Cited by the NY Times