Printed from http://www.electronista.com

Operation Shady RAT hacking campaign stealing data worldwide

updated 09:10 am EDT, Wed August 3, 2011

McAfee uncovers serious global security threat

Hacking attacks around the globe have reached a new level with news that an unknown group has silently waged a hacking campaign over the past five years. Dmitri Alperovitch, vice president of threat research at McAfee, has dubbed the high-level hacking campaign Operation Shady RAT. Alperovitch says around 70 public and private sector organizations around the globe have been victims of data theft resulting from the ongoing campaign.

Alperovitch first uncovered evidence of Shady RAT in early 2009. A McAfee client, a U.S. defense contractor, discovered malware on its network. However, until that point, no one had ever seen the type of malware being used in the attack. It is described as a spear-phishing e-mail containing a link to a Web page that, when clicked, automatically loads a remote-access tool, or RAT, onto infected computers.

The RAT escalates a user's privileges, which it then utilizes to extract sensitive data. McAfee has blocked its own clients from connecting to the server where the attacks were being launched. Only this March, however, did Alperovitch finally discover the logs stored on the attackers' servers, where the identities of those organizations affected were revealed.

McAfee identified government agencies in the United States, Taiwan, South Korea, Vietnam, and Canada, the Olympic committees in three countries, and the International Olympic Committee. Others included organizations in Japan, Switzerland, the United Kingdom, Indonesia, Denmark, Singapore, Hong Kong, Germany, and India. Those most affected were based in the US, while military contractors have been over-represented.

James A. Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies, argues that China is responsible, asking, "Who else spies on Taiwan?"

McAfee is said to be working closely with the US government aiming to shut down the command-and-control server where the attacks are currently being launched.

Already this year, infamous hackers Lulzsec and Anonymous have launched major attacks on a wide range of targets. Sony, perhaps, was the most publicized victim, with the user data of over 77 million of its customers emerging. However, this new threat may have accessed much more sensitive information and continues to pose a threat. [via Vanity Fair]



By Electronista Staff