Printed from http://www.electronista.com

Operation Shady RAT hacking campaign stealing data worldwide

updated 09:10 am EDT, Wed August 3, 2011

McAfee uncovers serious global security threat

Hacking attacks around the globe have reached a new level with news that an unknown group has silently waged a hacking campaign over the past five years. Dmitri Alperovitch, vice president of threat research at McAfee, has dubbed the high-level hacking campaign Operation Shady RAT. Alperovitch says around 70 public and private sector organizations around the globe have been victims of data theft resulting from the ongoing campaign.

Alperovitch first uncovered evidence of Shady RAT in early 2009. A McAfee client, a U.S. defense contractor, discovered malware on its network. However, until that point, no one had ever seen the type of malware being used in the attack. It is described as a spear-phishing e-mail containing a link to a Web page that, when clicked, automatically loads a remote-access tool, or RAT, onto infected computers.

The RAT escalates a user's privileges, which it then utilizes to extract sensitive data. McAfee has blocked its own clients from connecting to the server where the attacks were being launched. Only this March, however, did Alperovitch finally discover the logs stored on the attackers' servers, where the identities of those organizations affected were revealed.

McAfee identified government agencies in the United States, Taiwan, South Korea, Vietnam, and Canada, the Olympic committees in three countries, and the International Olympic Committee. Others included organizations in Japan, Switzerland, the United Kingdom, Indonesia, Denmark, Singapore, Hong Kong, Germany, and India. Those most affected were based in the US, while military contractors have been over-represented.

James A. Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies, argues that China is responsible, asking, "Who else spies on Taiwan?"

McAfee is said to be working closely with the US government, aiming to shut down the command-and-control server where the attacks are currently being launched.

Already this year, infamous hackers Lulzsec and Anonymous have launched major attacks on a wide range of targets. Sony was perhaps the most publicized victim, with the user data of over 77 million of its customers emerging. However, this new threat may have accessed much more sensitive information and continues to pose a threat. [via Vanity Fair]



By Electronista Staff