[ISN] Google Hackers Targeted Source Code of More Than 30 Companies

From: InfoSec News <alerts_at_private>
Date: Thu, 14 Jan 2010 00:16:29 -0600 (CST)
http://www.wired.com/threatlevel/2010/01/google-hack-attack/

By Kim Zetter
Threat Level
Wired.com
January 13, 2010

A hack attack that targeted Google in December also hit 33 other 
companies, including financial institutions and defense contractors, and 
was aimed at stealing source code from the companies, say security 
researchers at iDefense.

The hackers used a zero-day vulnerability in Adobe Reader to deliver 
malware to many of the companies and were in some cases successful at 
siphoning the source code they sought, according to a statement 
distributed Tuesday by iDefense, a division of VeriSign. The attack was 
similar to one that targeted other companies last July, the company 
said.

A spokeswoman for iDefense wouldn't name any of the other companies that 
were targeted in the recent attack, except Adobe.

Adobe acknowledged Tuesday in a blog post that it discovered Jan. 2 that 
it had been the target of a "sophisticated, coordinated attack against 
corporate network systems managed by Adobe and other companies."

The company didn.t say whether it was a victim of the same attack that 
struck Google. But Adobe.s announcement came just minutes after Google 
revealed that it had been the target of a "highly sophisticated" hack 
attack originating in China in December.

Neither Google nor Adobe provided details about how the hacks occurred. 
Google said only that the hackers were able to steal unspecified 
intellectual property from it, and that they had focused their attack on 
obtaining access to the Gmail accounts of human rights activists who 
were involved in China rights issues.

But according to iDefense, whose customers include some of the 33 
companies that were hacked, the attacks were well targeted and 
"unusually sophisticated" and aimed at grabbing source code from several 
hi-tech companies based in Silicon Valley as well as financial 
institutions and defense contractors.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Wed Jan 13 2010 - 22:16:29 PST

This archive was generated by hypermail 2.2.0 : Wed Jan 13 2010 - 22:29:47 PST