Hackers Hit Three Large U.S. Firms, Smaller MSSPs Should Be On Alert
CRN, By Rob Westervelt
A loose-knit group of cyberattackers believed
to have ties to the Chinese government has infiltrated several U.S. companies
using Java-based malware and established a long- term presence.
The latest round of attacks could be
a U.S.-specific operation, said researchers at security vendor Kaspersky Lab in
a report released Tuesday. The malware, called Javafog, can remain stealthy,
maintaining a presence on corporate systems, the Kaspersky researchers said.
Until now, the latest attacks from the cybermercenary hacking operation known
as Icefog have used hit-and-run-style tactics, abandoning infected systems once
data is accessed.
"With Javafog, we are turning
yet another page in the Icefog story by discovering another generation of
backdoors used by the attackers," according to the report issued by
Kaspersky. "We can assume that, based on their experience, the attackers
found the Java backdoor to be more stealthy and harder to notice, making it
more attractive for long-term operations." Read more.