Friday, 30 November 2012

Following the Hackers’ Trail

Sent to us by Shaza, who will be away during the holidays and very busy. The blue link (in the middle) is the story of how it was done. Tomorrow, a link from CL. Thanks, all, for the help. The reason I asked for help is that right now I will take the low-hanging fruit, as I don't have time to research the best articles. This also gives us many perspectives. QB

http://www.bloomberg.com/news/2012-11-27/china-mafia-style-hack-attack-drives-california-firm-to-brink.html
Private researchers have tracked Comment group, starting with malware the hacking team left behind in compromised networks, then gradually identifying indicators that are the equivalent of fingerprints at a crime scene. The group is one of the most active cyber espionage teams from China, compromising over 1,000 victims including, according to a leaked classified cable, the computer networks of the U.S. Army and State Department. Researchers have developed an archive cataloguing 40 families of custom malware and hundreds of domain names as the group has hacked its way through Fortune 500 companies, government bodies, law firms, and other high-profile targets. U.S. intelligence agencies, which once referred to the group as Byzantine Candor, have linked the Shanghai hackers to the People's Liberation Army, China's military, according to a leaked classified cable and former intelligence sources.

Read the full story.


1 - Phishing for access

A target computer receives what's called a spear-phishing email that has either an attachment containing malware or a link to a malicious zip file. If the attachment is opened, the malware instructs the computer's web browser to visit an innocuous website and look for code hidden there by the hackers. It is located in the area of web pages used by programmers that's known as "comments" and isn't visible to most users. From there, the code redirects the browser to a malicious site where it will download more extensive malware. This first stage is unique to Comment group, lending the team its name.

2 - Infiltrating the network

The downloaded malware allows the hacker to set up backdoors into the target network and control multiple computers and servers from a remote location. Investigators can later find malware in the targeted network that was left behind and analyze the code, linking it to particular hacking teams.
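The first stage above hinges on instructions hidden in HTML comments of an otherwise innocuous page. The scanner below is an added example, not code from the original post or from the researchers it describes: it pulls every comment out of a page and flags those carrying a URL, either in the clear or as a base64 blob, which is the kind of thing a web team or analyst can run over its own site to spot planted redirects. The sample page and hostnames are constructed placeholders.

```python
import re
import base64
import binascii
from html.parser import HTMLParser

URL_RE = re.compile(r"https?://[^\s'\"<>]+", re.IGNORECASE)
B64_RE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")  # whole comment is one base64 token


class CommentCollector(HTMLParser):
    """Collects the text of every <!-- ... --> comment in a page."""
    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        self.comments.append(data.strip())


def extract_comments(html):
    parser = CommentCollector()
    parser.feed(html)
    parser.close()
    return parser.comments


def decode_if_base64(text):
    """Return the decoded ASCII text if the comment is a base64 blob, else None."""
    if not B64_RE.match(text):
        return None
    try:
        return base64.b64decode(text, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None  # bad padding, not base64, or binary payload: not a URL


def suspicious_comments(html):
    """Return (comment, reason, url) for comments that hide a URL; plain
    developer notes produce nothing."""
    findings = []
    for comment in extract_comments(html):
        urls = URL_RE.findall(comment)
        if urls:
            findings.append((comment, "url-in-comment", urls[0]))
            continue
        decoded = decode_if_base64(comment)
        hit = URL_RE.search(decoded) if decoded else None
        if hit:
            findings.append((comment, "base64-url-in-comment", hit.group(0)))
    return findings


# Constructed sample page: one benign note, one hidden URL, one base64-encoded URL.
SAMPLE_HTML = """<html><head><!-- TODO: refactor nav --></head>
<body><p>Welcome</p>
<!-- http://stage2.example.invalid/update.bin -->
<!-- aHR0cDovL2MyLmV4YW1wbGUuaW52YWxpZC9nZXQ= -->
</body></html>"""

if __name__ == "__main__":
    for comment, reason, url in suspicious_comments(SAMPLE_HTML):
        print(f"{reason}: {url} (comment: {comment!r})")
```

Run against a crawl of your own pages, a new finding on a page nobody edited is the signal worth pulling the web server logs for.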
