Breaking News

MSI Prestige 16 AI Mercedes-AMG Motorsport Limited Edition Laptop GAMEMAX Introduces AERIS 330 Series micro-ATX PC Case COLORFUL Launches Rimbook Series Laptops Circular Smart Rings Offer Early Detection of Sickness Symptoms Micron Unveils Portfolio of Industry-First SSDs to Power the AI Revolution

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Massive Cyber Attack Targets Chemical Companies

Massive Cyber Attack Targets Chemical Companies

Enterprise & IT Nov 1,2011 0

Symantec disclosed information about a recent targeted attack campaign directed primarily at private companies involved in the research, development, and manufacture of chemicals and advanced materials. The goal of the attackers appears to be to collect intellectual property such as design documents, formulas, and manufacturing processes, Symantec said. The same attackers appear to have a lengthy operation history including attacks on other industries and organizations.

The attack wave started in late July 2011 and continued into mid-September 2011. A total of 29 companies in the chemical sector were confirmed to be targeted in this attack wave and another 19 in various other sectors, primarily the defense sector, were seen to be affected as well, the research firm added. As the pattern of chemical industry targets emerged, Symantec internally code-named the attack "campaign Nitro."

The attackers first researched desired targets and then sent an email specifically to the target. While the attackers used different pretexts when sending these malicious emails, two methodologies stood out. First, when a specific recipient was targeted, the mails often purported to be meeting invitations from established business partners. Secondly, when the emails were being sent to a broad set of recipients, the mails purported to be a necessary security update. The emails then contained an attachment that was either an executable that appeared to be a text file based on the file name and icon, or a password-protected archive containing an executable file with the password provided in the email. In both cases, the executable file was a self-extracting executable containing PoisonIvy, a common backdoor Trojan developed by a Chinese speaker.

When the recipient attempted to open the attachment, they would inadvertently execute the file, causing PoisonIvy to be installed. Once PoisonIvy was installed, it contacted a C&C server on TCP port 80 using an encrypted communication protocol. Using the C&C server, the attackers then instructed the compromised computer to provide the infected computer?s IP address, the names of all other computers in the workgroup or domain, and dumps of Windows cached password hashes.

By using access to additional computers through the currently logged on user or cracked passwords through dumped hashes, the attackers then began traversing the network infecting additional computers. Typically, their primary goal is to obtain domain administrator credentials and/or gain access to a system storing intellectual property. Domain administrator credentials make it easier for the attacker to find servers hosting the desired intellectual property and gain access to the sensitive materials. The attackers may have also downloaded and installed additional tools to penetrate the network further.

Thousands of Chinese computer enthusiasts belong to hacker clubs and experts say some are supported by the military to develop a pool of possible recruits.

China has the world's biggest population of Internet users, with more than 450 million people online, and the government promotes Web use for business and education. But experts say security for many computers in China is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere.

Tags: Cyber AttackVirus
Previous Post
South Korea Fines LCD Makers For Price Fixing
Next Post
LG 3D Notebook Receives Flicker-free Certification

Related Posts

  • European Supercomputers Researching Covid-19 Report Hacking Attacks

  • Texas Courts Faced a Ransomware Attack

  • GoDaddy Discloses Data Breach

  • Indonesia's Tokopedia Inverstigates Alleged Data Leak of 91 Million Users

  • Marriott Discloses New Data Breach

  • FireEye Warns About Chinese APT41 Global Intrusion Campaign Using Multiple Exploits

  • Cybersecurity Report Reveals Big Game Hunting, Telecommunication Targeting Take Center Stage for Cyber Adversaries

  • MGM Resorts Discloses Data Breach

Latest News

MSI Prestige 16 AI Mercedes-AMG Motorsport Limited Edition Laptop
Consumer Electronics

MSI Prestige 16 AI Mercedes-AMG Motorsport Limited Edition Laptop

GAMEMAX Introduces AERIS 330 Series micro-ATX PC Case
Cooling Systems

GAMEMAX Introduces AERIS 330 Series micro-ATX PC Case

COLORFUL Launches Rimbook Series Laptops
Enterprise & IT

COLORFUL Launches Rimbook Series Laptops

Circular Smart Rings Offer Early Detection of Sickness Symptoms
Consumer Electronics

Circular Smart Rings Offer Early Detection of Sickness Symptoms

Micron Unveils Portfolio of Industry-First SSDs to Power the AI Revolution
Enterprise & IT

Micron Unveils Portfolio of Industry-First SSDs to Power the AI Revolution

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

be quiet! Pure Base 501

be quiet! Pure Base 501

Terramaster F8-SSD

Terramaster F8-SSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed