[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] South Korean Universities Targeted By Chinese-Speaking Hackers
From: InfoSec News <alerts () infosecnews ! org>
Date: 2013-06-26 9:16:54
Message-ID: alpine.DEB.2.02.1306260916450.14681 () infosecnews ! org
[Download RAW message or body]
http://www.darkreading.com/attacks-breaches/south-korean-universities-targeted-by-ch/240157240
By Kelly Jackson Higgins
Dark Reading
June 25, 2013
A newly discovered attack tool used by multiple groups of Chinese-speaking
attackers has infected more than 1,000 machines in South Korea -- mainly
universities and other academic institutions.
The so-called PinkStats malware family has been in use over the past four
years, targeting various nation-states and organizations around the globe,
according to Aviv Raff, CTO at Seculert, which studied the malware and posted
its findings today.
"This is the first proof that there are Chinese-speaking attackers targeting
[South Korea] entities," says Raff, who stopped short at confirming the
attackers were from China. Even so, he says it's likely that they are Chinese:
"These type of custom-made tools are usually created by the people speaking the
language used in the tool, [such as where] Mahdi used Farsi strings," he says.
There's no evidence, either, to confirm that PinkStats was also used in the
attacks earlier this year on South Korean banks, media networks, and an ISP
that wiped hard drives and attached drives of infected machines. They also
crippled targeted organizations for hours, and the machines weren't able to
reboot. There was speculation of a North Korea or China connection to the
attacks.
[...]
_______________________________________________
ISN mailing list
ISN@lists.infosecnews.org
http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic