Security researchers have traced a continuing run of zero-day attacks to the hackers who infamously hit Google and other hi-tech firms three years ago. Symantec has kept close tabs on the hackers behind the so-called Aurora attacks ever since. No other group has used more zero-day vulnerabilities – eight – to further their …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Monday 10th September 2012 11:28 GMT Sir Runcible Spoon

Sir

El Reg is my main watering hole, if they get you then we're all screwed.

3 0
Monday 10th September 2012 11:48 GMT Robin

More news

Scary stuff. I'm just off to the BBC site, to see what Graham Cluely thinks of this...

0 0
Monday 10th September 2012 13:14 GMT Jan 0

Thanks for the Symantec press release.

Has anybody else in academia or the security industry come to the same conclusion?

0 0
Monday 10th September 2012 13:55 GMT Anonymous Coward

Hang em high

This is why all hackers should be hung by their thumbs for a few months until they understand their lapse of good judgment.

0 1
Monday 10th September 2012 16:51 GMT Anonymous Coward

Simple

Switch to Mac or Linux which aren't vulnerable to Viruses or Trojans.

1 2
1. Monday 10th September 2012 20:36 GMT Anonymous Coward
  
  Re: which aren't vulnerable
  
  You need to keep up with developments.
  
  1 1
  1. Tuesday 11th September 2012 00:36 GMT koolholio
    
    Re: which aren't vulnerable
    
    even the mac OSX softwareupdateadmin.dll is vulnerable to a remote buffer overflow
    
    0 0
Monday 10th September 2012 23:40 GMT nuked

"...the group must be backed by a nation state or (less probably) a large criminal organisation."

Or perhaps the Chinese or Russians, where there is little distinction...

0 0
Monday 10th September 2012 23:54 GMT koolholio

We all need to look at this perspectively

It stems from China, so it must be China? Ever heard of a honeypot? (no alot of security researchers havent)

It probably included a russian's code, as it utilised the TDSS rootkit (rather advanced malware including AES-256 crypto)

It seemed to connect to a ukranian control server for DNS....

The majority of 0-day exploits stem from the Netherlands (Remember sasser?)

And there are some really disgruntled ex-employees (or current?) that would enjoy such "revenge" --- Which is rather child like, but this mad worlds full of lots of different types!

So yes, lets play politics, Symantec Labs because thats what you do best from the top down? Engage brain next time and look in the right direction perhaps? Media avenues need to stop pointing fingers fuelling the frenzy too imo!

0 0