http://arstechnica.com/security/2015/07/meet-the-hackers-who-break-into-microsoft-and-apple-to-steal-insider-info/
By Dan Goodin
Ars Technica
July 8, 2015

In February 2013, Twitter detected a hack attack in progress on its
corporate network. "This attack was not the work of amateurs, and we do
not believe it was an isolated incident," a Twitter official wrote when
disclosing the intrusion. Sure enough, similar attacks were visited on
Facebook, Apple, and Microsoft in the coming weeks. In all four cases,
company employees were exposed to a zero-day Java exploit as they viewed a
website for iOS developers.

Now, security researchers have uncovered dozens of other companies hit by
the same attackers. Alternately known as Morpho and Wild Neutron, the
group has been active since at least 2011, penetrating companies in the
technology, pharmaceutical, investment, and healthcare industries, as well
as law firms and firms involved in corporate mergers and acquisitions. The
developers of the underlying surveillance malware have thoroughly
documented their code with fluent English, and command and control servers
are operated with almost flawless operational security. The take-away: the
threat actors are likely an espionage group in a position to profit on
insider information.

"Morpho is a skilled, persistent, and effective attack group which has
been active since at least March 2012," researchers from security firm
Symantec wrote in a report published Wednesday. "They are well resourced,
using at least one or possibly two zero-day exploits. Their motivation is
very likely to be financial gain and given that they have been active for
at least three years, they must be successful at monetizing their
operation."

[...]