Hackers with big skills and a big ego will be drawn to Facebook and Twitter as their targets. But they’ll also target dozens of other companies, reports an article on arstechnica.com.
One group in particular stands out as the attackers, using zero-day exploits. They are known as Wild Neutron and Morpho, says the article, and have been active possibly since 2011, burrowing their way into various businesses: healthcare, pharmaceutical, technology.
It’s been speculated that the hackers want the inside information of these companies for financial gain. They’ve been at it for three or four years; we can assume they’ve been successful.
Researchers believe that these hackers have begun using a valid digital certificate that is issued to Acer Incorporated to bypass code-signing requirements that are built into modern operating systems, explains the arstechnica.com report.
Experts have also identified the use of some kind of “unknown Flash Player exploit,” meaning that the hackers are possibly using a third zero-day exploit.
The report goes on to explain that recently, Reuters reported on a hacking group that allegedly busted into corporate e-mail accounts to get their hands on sensitive information for financial gain.
You’re probably wondering how these big companies could be so vulnerable, or how it is that hackers can figure out a password and username. Well, it doesn’t really work that way. A company may use passwords that, according to a password analyzer, would take nine million years to crack.
So hackers rely on the gullibility and lack of security awareness of employees to bust in. They can send employees an e-mail, disguised to look like it’s from a company executive or CEO, that tricks the employee into either revealing passwords and usernames, or clicking on a malicious link that downloads a virus, giving the hacker access to the company system’s stored data. It’s like removing a dozen locks from the steel chamber door to let in the big bad wolf.
The security firms interviewed estimate that a minimum of 49 companies have been attacked by the hacking ring’s surveillance malware. The cybercriminals have, in at least one instance, got into a company’s physical security information management system.
The arstechnica.com article notes that this consists of swipe card access, HVAC, CCTV and other building security. This would allow the hackers to surveil employees, visually following them around.
This hacking group is smart. They don’t reuse e-mail addresses; they pay hosting services with bitcoins; they use multi-staged command-and-control networks that have encrypted virtual machines to foil forensics detectives. The only good news is that the group’s well-documented code suggests it’s a small band of hackers, not some giant one.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him discussing internet and wireless security on Good Morning America.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.