APT For Hire: Report Exposes Hidden Lynx Hacking Crew

chicksdaddy (814965) writes | about 7 months ago


chicksdaddy (814965) writes "The Security Ledger reports that an investigation by the security firm Symantec has pulled the covers off an APT group dubbed “Hidden Lynx” that is believed to be responsible for some of the most sophisticated and large-scale hacks of the last five years, including the 2009 "Aurora" hack of Google and other high-tech firms, the 2012 VoHo "watering hole" attacks that targeted financial services, government and human rights groups, and an attack on the security firm Bit9 that added malicious software to that company's application "whitelist."

Unlike other "APT" groups like "Unit 61398" of the Chinese People's Liberation Army (aka "APT 1"), however, Hidden Lynx appears to sell its talents to anyone with the money to pay. The company said Lynx has been linked to attacks on both commercial and government organizations, attacking “public facing infrastructure” like web servers, often targeting popular web sites that are “watering holes” for their intended victims: employees of organizations in the public and private sector, including financial services, law, education, and local, state and federal government agencies. It is believed to be the source of two prominent families of data-stealing trojan horse programs: Backdoor.Moudoor, a customized version of “Gh0st RAT”, which Symantec said is used mostly in large-scale campaigns that span industry verticals, and Trojan.Naid, the Trojan used in the Bit9 incident and a number of other highly targeted attacks that were part of the VOHO campaign and “Operation Aurora” in 2009.

The full report can be found here: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/hidden_lynx.pdf"


