November 1, 2011
Chemical Companies Are The Latest Target Of Attacks
Symantec reports the latest hacking attack, dubbed “Nitro”, drifted through several industries including Non-Governmental Organizations focused on human rights then into the motor industry and finally attacking chemical companies with connections to military technology. The report states that 29 chemical companies were attacked and another 19 in other industries, but they think over 100 machines were infected with the malicious software.
The attack was initiated by sending certain members of the organizations an email that contained a self-extracting file that would sit behind the computer network´s defenses. The file would then attempt to report to a command and control server allowing hackers access to the intellectual property in order to engage in industrial espionage.The report stated, “While the behavior of the attackers differs slightly in each compromise, generally, once the attackers have identified the desired intellectual property, the copy the content to archives on internal systems they use as internal staging servers. The content is then uploaded to a remote site outside the compromised organization completing the attack.”
The attacks were geographically spread out, but 27 of the machines were in the US, Bangladesh contained 20 and the UK had 14 computers infected. The attacks were traced, though, to a virtual private server based in Heibei, China and belonging to a man in his 20´s dubbed “Covert Grove”, according to V3.
The attacks come in a year that have been filled with many similar attacks against the intellectual property of organizations, including the Night Dragon, Shady RAT and Lurid attacks.
On the Net: