http://www.computerworld.com/s/article/9223765/Researchers_unearth_more_Chinese_links_to_defense_contractor_attacks By Gregg Keizer Computerworld January 27, 2012 Researchers with Symantec have uncovered additional clues that point to Chinese hacker involvement in attacks against a large number of Western companies, including major U.S. defense contractors. The attacks use malicious PDF documents that exploit an Adobe Reader bug patched last month to infect Windows PCs with "Sykipot," a general-purpose backdoor Trojan horse. According to findings published Thursday by Symantec's research team, a "staging server" used by the attackers is based in the Beijing area, and is hosted by one of the country's largest Internet service providers, or ISPs. Symantec did not identify the ISP. The staging server stores new files, many of them malformed PDFs, that are used to infected machines. Symantec found more than 100 malicious files on the server; many had been used in Sykipot campaigns. [...] _____________________________________________________ Did a friend send you this article? Make it your New Year's Resolution to subscribe to InfoSec News! http://www.infosecnews.org/mailman/listinfo/isnReceived on Sun Jan 29 2012 - 22:24:07 PST
This archive was generated by hypermail 2.2.0 : Sun Jan 29 2012 - 22:25:58 PST