APT For Hire: Report Exposes Hidden Lynx Hacking Crew

chicksdaddy (814965) writes | about 7 months ago


chicksdaddy (814965) writes "The Security Ledger reports that an investigation by the security firm Symantec has pulled the covers off an APT group dubbed “Hidden Lynx” that is believed to be responsible for some of the most sophisticated and large-scale hacks of the last five years, including the 2009 "Aurora" hack of Google and other high-tech firms, the 2012 VoHo "watering hole" attacks that targeted financial services, government and human rights groups, and an attack on the security firm Bit9 that added malicious software to that company's application "whitelist."

Unlike other "APT" groups like "Unit 61398" of the Chinese People's Liberation Army (aka "APT 1"), however, Hidden Lynx appears to sell its talents to anyone with the money to pay. The company said Lynx has been linked to attacks on both commercial and government organizations, attacking “public facing infrastructure” like web servers, often targeting popular web sites that are “watering holes” for their intended victims: employees of organizations in the public and private sector, including financial services, law, education, and local, state and federal government agencies. It is believed to be the source of two prominent families of data-stealing trojan horse programs: Backdoor.Moudoor, a customized version of “Gh0st RAT”, which Symantec said is used mostly in large-scale campaigns that span industry verticals, and Trojan.Naid, the Trojan used in the Bit9 incident and a number of other highly targeted attacks that were part of the VOHO campaign and “Operation Aurora” in 2009.

The full report can be found here: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/hidden_lynx.pdf"
