![]() ![]() ![]() But just over 20 machines were hit with the second-stage attack, in which "reconnaissance information" about infected computers, such as IP address and software active on the machine, were sent to the attackers. Showing just how the attackers were carefully selecting their targets, more than 700,000 computers of the 2.3 million infected reported back to the hackers' server over few days the researchers were able to gather data, Cisco found. What was clear to both Avast and Cisco was that this was a sophisticated targeted attack on the tech industry. Researchers were only able to look across those days as the hacker server they had access to had its logs wiped on September 12 when it ran out of memory, Vlcek told Forbes. "Given that the logs were only collected for little over three days, the actual number of computers that received the 2nd stage payload was likely at least in the order of hundreds," wrote CEO Vince Steckler and chief technology officer Ondrej Vlcek. "This would suggest a very focused actor after valuable intellectual property," Cisco's researchers added.Īvast concurred with Cisco's research, but said it was likely more were infected. Cisco, Microsoft, VMware, Intel, Sony, Samsung, HTC, Linksys, D-Link and Singtel Corp were all on a list of targets, according to Talos, though it's unclear which were amongst the overall eight that Avast said had PCs infected. That analysis came after Cisco's Talos security division released research late Wednesday naming a handful of technology companies that were targeted with "secondary payloads" over just four days in September, saying 20 victim machines were infected as a result. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |