From: InfoSec News (alertsinfosecnews.org)
Date: Thu Feb 11 2010 - 02:27:41 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.darkreading.com/vulnerability_management/security/attacks/showArticle.jhtml?articleID=222700786

By Kelly Jackson Higgins
DarkReading
Feb 10, 2010

The targeted attacks that hit Google, Adobe, and other U.S.
organizations are still ongoing and have affected many more companies
than the original 20 to 30 or so reported by Google and others.

Security experts who have worked on forensics investigations and cleanup
of the victim organizations from the attacks that originated out of
China say they are also getting closer to identifying the author or
authors of the malware used to breach Google and others.

"The attack called Operation Aurora is larger than just [the attacks
acknowledged at the] 30 companies. That attack is still in operation and
is much larger," says Greg Hoglund, founder and CEO of HBGary, which
today published a report on Operation Aurora that recaps where things
stand with the investigation.

He and other forensics firms say they have no direct evidence
implicating the Chinese government in the Aurora attacks, but that
doesn't mean other investigators or officials have it and just aren't
sharing it publicly, Hoglund says. HBGary has found trails left behind
in the Aurora code by its creators that are "very specific to the
developer who compiled the malware," Hoglund says, and it has Chinese
language ties.

[...]

________________________________________
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News
http://www.infosecnews.org

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]