FireEye hacked off at claim it hacked Chinese military's hackers

US security company FireEye has denied a claim aired in a new book that it hacked into laptops owned by Chinese military hackers. It's common knowledge that prior to its acquisition by FireEye, the security concern Mandiant brought the Chinese operation known as APT1 undone. In its 2013 report, the company attributed espionage …

  1. JLV Silver badge

    and what if they had done it?

    I can see them denying capability or keeping adversaries in the dark.

    But I wouldn’t really care much about respecting _known_ hackers’ privacy. It’s not like Fancy Bear and all the assorted state-sponsored slime trawling the net on behalf of Putin, Xi, Fat Kim and, yes, the NSA, are persona grata.

    1. big_D Silver badge

      Re: and what if they had done it?

      It would be illegal to hack-back, so the Mandiant staff could also face charges.

      That said, if that is the only video Sanger was shown, how could he describe that they were reading sporting scores and chatting to girlfriends, before starting work and describing what they were wearing? :-S

      1. Anonymous Coward

        Re: and what if they had done it?

        It's common practice to tunnel your connection through a hop point or two. By doing so all traffic goes through these points. The article mentions that they had pcaps of the traffic. This would mean that the "hackers" were VERY stupid and did personal browsing of the internet through the connections that they were using to attack their victims.

  2. Doctor Syntax Silver badge

    Turning on the camera to view the screen would be a neat trick if you could persuade the user to work with a mirror behind him.

  3. Aodhhan Bronze badge

    Just another asinine NY Times reporter trying to make extra money by publishing a book on something he knows very little about. Not to mention, typical NYT reporter not doing any further research or speaking with other InfoSec professionals about certain tactics, techniques and procedures used by penetration testers and information system forensic experts.

    How many times this year has the NY Times had to retract or clarify something because their reporters did a half-ass job? A LOT.

    When standards are low, you're going to have employees who aren't the best around.

    1. jgarbo

      Come on, NYT is an old Mockingbird asset, used by the CIA to plant fake news and nonsense only the rabble would believe. If the Chinese cracked a US system no-one would know. They're good.

  4. Anonymous Coward

    Mandiant...

    ...definitely USED to (when they were Mandiant, before the FireEye takeover) gain control of APT C2 servers and dump the contents and monitor them.

    They used this as a driver for new client engagements... "did you know we found your company's data on this Chinese C2 server?"... "hadn't you better pay us to sort out your compromise?"

    Definitely happened.

    I remember it VERY clearly and wasn't impressed by their approach, almost a ransom demand. They made a lot of money out there from it, but not from the company I worked for back then.

  5. Anonymous Coward

    Reminds me of the old device, a Vacuum Tube

    Used to transfer money etc from cashiers - a vacuum system you just drop things into a container and place it in the end of a tube and it sucks it back to home base. More elaborate ones had many end points and home bases.

    If you purchase a computer system nowadays it will just suck whatever you put into it back to home base Microsoft, Kaspersky, ...

    And checksumming of files can also help them identify who has the same documents not just miscreant programs.

  6. Walter Bishop Silver badge

    FireEye and the confidential patent license agreement

    "Finjan Holdings .. and FireEye .. today announced they entered into Confidential Patent License Agreements on December 29, 2017" ref

    What would these confidential patents be exactly?

    "Finjan's inventions are embedded within a strong portfolio of patents focusing on software and hardware technologies capable of proactively detecting previously unknown and emerging threats on a real-time, behavior-based basis"

    Would this 'invention' involve some kind of pattern recognition engine?

    "Finjan Holdings.. has filed a patent infringement lawsuit against Check Point Software Technologies" ref

    "Finjan Executives Phil Hartstein and Julie Mar-Spinola Recognized in the World's Top IP Value Creators in Market-Leading Publication" ref

    "beginning in 2005, Finjan commenced its licensing program around its patents. The first license, issued in 2005, was to Microsoft" ref


Biting the hand that feeds IT © 1998–2019