The hackers responsible for 2010's
infamous "Operation Aurora" attack are still using a sophisticated
arsenal of security flaws and infiltration techniques to steal corporate
information, say experts.
Security researchers with Symantec have
issued a report outlining the techniques used by the so-called
"Edgewood" hacking platform and the group behind it. The company said
that the group is well-funded and armed with more than a half-dozen
unpublished security vulnerabilities.
"Although there are other attackers
utilizing zero-day exploits, we have seen no other group use so many,"
Symantec researchers Gavin O'Gorman and Geoff McDonald said in the
report.
"The number of zero-day exploits used indicates access to a high level of technical capability."
The researchers said that the group
appears to favour "watering hole" attacks techniques in which the
attacker profiles a targeted group and places attack code into sites
which the targets are likely to visit.
Additionally, the group is believed to
use spear-phishing techniques to infect the systems of targeted
individuals and organisations.
Overall, the group appears to be
targeting companies in the defence and aeronautics sector, though
researchers noted that targets have ranged from weapons manufacturers to
software vendors and even non-government organisations.
Though incidents were noted in the UK, British firms are not believed to be a significant target for the attackers.
According to the report, the US is the
most popular target for the attacks, with American firms accounting for
72 per cent of incidents. Canada, China, Hong Kong and Australia were
also popular targets.
While Symantec did not indicate where the group behind the attacks was based, past reports have suggested that the hackers are part of a state-sponsored operation based in mainland China.
(from: http://www.v3.co.uk/v3-uk/news/2203966/operation-aurora-hackers-still-at-large)
Tidak ada komentar:
Posting Komentar