Spear Phishing Campaign Hits Dozens of Chemical, Defense Firms
Orome1 writes "Nearly 50 (and quite possibly more) companies in the chemical, defense, and other sectors have been hit with a spear phishing campaign carrying a backdoor Trojan with the ultimate goal of exfiltrating R&D and manufacturing information, revealed Symantec in a newly released report. The attacks against these companies started in late July 2011 and lasted until the middle of September 2011, but the attackers are thought to be the same ones who targeted human rights related NGOs and companies in the motor industry in May." Here's a link to the report itself (PDF).
Farewell Dossier redux (Score:2)
It's time to recognise that the West is in another Cold War with China. The steps taken to keep industrial information out of Soviet hands crimped trade and imposed costly burdens on US business, but they were at least somewhat effective. Let's try to do better, but for fuck's sake let's do something! How about starting by dropping all packets from China at the border? If nothing else it ought to get their attention.
Re: (Score:1)
Let me refresh your memory... http://youtu.be/83tnWFojtcY
People used to listen to me!!
Re:Farewell Dossier redux (Score:4, Insightful)
Because, we're not going to win this cold war if we're not providing easy access to our culture. Soft power has done far more for the US' standing in the world than our willingness to spend every last cent on pointless military endeavors.
Re: (Score:2)
Portions of it are already available over there. The Great Firewall thing is a pretty big joke. Sure it does cut down a great deal on that, but it's hardly rocket science to circumvent, and ultimately, us dropping all those packets at our border would make it nigh impossible for them to get through. Assuming that it's even possible in the first place, which is questionable at best.
Re: (Score:2)
Re: (Score:2)
Though most likely they'll just smile and wait it out, the US is so rotten through it'll collapse under its own weight any day now.
Re: (Score:2)
Re: (Score:2)
What could happen is that the US ends up without food where China has to eat what they produce, terrible pain that would inflict, yes.
Re: (Score:2)
Stagdot?
User education (Score:2)
What is Spear Phishing ? (Score:3)
It seems to me that a well edited summary of the story might give us an idea of what Spear Phishing is.. at least, why is it different than normal phishing?
Is it because it has a trojan? What? huh?
help us out a bit here
Re:What is Spear Phishing ? (Score:5, Informative)
Spear phishing is different because it's highly targeted.
Happy to help.
Re: (Score:2)
Re: (Score:2)
It seems to me that a well edited summary of the story might give us an idea of what Spear Phishing is.. at least, why is it different than normal phishing?
Is it because it has a trojan? What? huh?
help us out a bit here
I wouldn't have thought the term would need explanation on Slashdot, as it is a standard industry term. A "spear phishing" attack is similar to regular phishing, but instead of targeting masses the attack targets specific, high-value individuals. Usually the attacks require a significant amount of research on the part of the attackers.
Re:What is Spear Phishing ? (Score:5, Informative)
Re: (Score:2)
It's a form of highly targeted phishing. Think back earlier this year to the RSA hack - how was it done? It was done by someone pretending to be the HR firm RSA uses and writing a pretty damn plausible e-mail that they might get in their inbox and not have second thoughts about (it was sent to their HR person about a list of potential hires).
Basically, i
Re: (Score:2)
Spear phishing is phishing where you exploit specific information about the target to make your messages seem more trustworthy. For example, phishing would just be,
"Hello John_Doe@yahoo.com, it appears you have some bank activity awaiting confirmation, please click on this flaky URL ..."
Spear phishing would be,
"Dear Mr. John H. Doe,
Your account at Citibank [Doe actually has an account there] shows a rejected transaction for your purchase at 6:30 pm at Walmart on Tuesday, the 5th. [Doe actually made a purch
Why is it so easy to infiltrate serious targets? (Score:3)
So all it takes is to send emails to the employees telling them to execute an *.exe file? No wonder the Chinese are able to do it, this thing requires almost no skill, only enough numbers of people churning out emails. I wonder when the Chinese will stop bothering with the malware part, and just ask the employees to upload all the sensitive data.
Re: (Score:3)
So all it takes is to send emails to the employees telling them to execute an *.exe file? No wonder the Chinese are able to do it, this thing requires almost no skill, only enough numbers of people churning out emails. I wonder when the Chinese will stop bothering with the malware part, and just ask the employees to upload all the sensitive data.
Actually, your comment is not that far off the mark. I once was helping a company bring a new product to market, and as part of that would call the potential competitors and ask a whole lot of questions about their products, plans etc. I told them upfront exactly what we were doing - and they still gladly answered my questions. Once I reached the engineers designing the products they would talk my ears off about their product; it also helped that as an engineer I also could talk intelligently with them
Wow, talk about vague (Score:2)
The attacks were traced back to a computer system that was a virtual private server (VPS) located in the United States. However, the system was owned by a 20-something male located in the Hebei region in China.
I don't usually overgeneralize, but "20-something male" pretty much describes 99% of the blackhats out there.
Re: (Score:2)
Attacks like this make me wonder why should users even be able to execute *.exe files. I've started to see the point of non-executable partitions in Linux.
Re: (Score:1)
Re: (Score:2)
Fixed for GP. It's pretty easy to set
Re: (Score:2)
I meant they shouldn't be able to execute files that are not put there by the admin. That's what non-executable partitions are in Linux. Your root partition is executable, but your home partition is not. Your browser, word processor, etc. are in the executable partition so you can execute them. But if someone sent you an executable file you have to put it in your own home partition, and you can't execute it from there. And you can't move it to the root partition, because you don't have write permissions.
Re: (Score:2)
All email is Text you AC moron.
Technically correct, but misses the point and intent entirely. In other words, a typical Slashdot post. Well done!
Those companies chose to run Windows. (Score:3)
That choice means they don't care about security. Ridicule is perfectly appropriate in this case.
Re: (Score:1)
Which part of 'Trojan' do you not understand?
Given the venue, "How to put one on," seems like the appropriate answer to that question.
Good PR Move (Score:2)