Sinkholes reveal more Chinese-hacked biz - and piggybacking crims

Researchers have identified yet more high-profile organisations attacked by spying Chinese hackers after seizing hold of the miscreants' command-and-control servers. Dell SecureWorks Counter Threat Unit (CTU) said that its tactic of "sinkholing" spyware-controlled systems is great for identifying custom malware and warning …

COMMENTS

This topic is closed for new posts.
  1. James 51

    Title is too long

    "Intelligence-driven security procedures that include deep packet inspection, app whitelisting and sandboxing for links and attachments in incoming email can be effective. "You need to maintain a high alert and watch everything," Stewart concluded, adding that greater collaboration and information sharing was also important"

    All this costs money, and it's not always possible to convince the people with the purse strings to loosen them. Even if you do, when they start to inconvenience someone important the rules can be thrown out of the window.

    1. pixl97

      Re: Title is too long

      >when they start to inconvenience someone important the rules can be thrown out of the window.

      We need to publish lists of these someone importants on the internet so sustained attacks can be commissioned against just them until the time that they figure out not being a twat when it comes to policy is necessary.

  2. Gabor Laszlo

    Or

    you could just use JonDoFox running on a Linux LiveCD.

    And seriously, Symantec?

    1. Anonymous Coward

      Re: a Linux LiveCD ..

      But then you wouldn't be PCI DSS compliant, would you ...

      1. Ole Juul

        Re: a Linux LiveCD ..

        I hope you're not suggesting that all the news about America being hacked is just a noble nationalistic attempt to protect America's favourite corporation, combined with sheer lazy avoidance of having to learn something new!

  3. CAPS LOCK

    What Gabor says...

    Just 'not Windows' will eliminate the vast majority of threats.

  4. CAPS LOCK

    But if you want to use Simatic Step 7...

    Of Stuxnet fame, guess what?

  5. Destroy All Monsters

    SCP-899: "The Building"

    "The Building is a nondescript multi-storey block in the suburbs of Shanghai"

    Has anyone tried to enter that building? What happens if one does?

  6. Don Jefe

    Sinkholes

    There was a big sinkhole that opened up under a house near Tampa, FL, today. Swallowed up one bedroom and one person in said bedroom it did.

    No reports of Chinese coming out of the 100' diameter hole though.

  7. Anonymous Coward

    Unknown malware pathogen ..

    "In late 2012, Dell SecureWorks researchers took control of a domain used by the Comment Crew following the address's expiration. Subsequent analysis of the network traffic sent to the domain from malware-controlled computers revealed that machines in a large US university were phoning home to the domain using SSL encryption as the result of infection by a then unknown malware pathogen".

    What OS platform does this 'unknown malware pathogen' run on?

    Is this a technical report or an article in the Daily Fail I am reading?
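The sinkhole workflow quoted in the comment above (take over an expired C2 domain, then work out from the inbound traffic which networks the infected hosts sit in) as an added Python example. This is not Dell SecureWorks' tooling or any code from the article; the log line format, the CIDR-to-organisation table and every address (RFC 5737 documentation ranges) are constructed for the illustration. It separates hosts that beacon on a regular interval, which is what a real infection looks like, from one-off hits that are usually scanners or other researchers, so that only the former get a notification.

```python
"""Triage of connection records captured at a sinkholed C2 domain.

Added illustration, not Dell SecureWorks' tooling. Assumes a simplified
log line format: <UTC timestamp> <source IP> <requested host> <tls|plain>.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network
from statistics import median

# Constructed sample records (RFC 5737 documentation addresses, not real data).
SAMPLE_LOG = """\
2012-11-03T08:00:05Z 203.0.113.17 update.example-sinkhole.test tls
2012-11-03T09:00:07Z 203.0.113.17 update.example-sinkhole.test tls
2012-11-03T10:00:04Z 203.0.113.17 update.example-sinkhole.test tls
2012-11-03T11:00:09Z 203.0.113.17 update.example-sinkhole.test tls
2012-11-03T08:13:00Z 198.51.100.9 update.example-sinkhole.test plain
2012-11-03T08:30:12Z 192.0.2.44 update.example-sinkhole.test tls
2012-11-03T20:30:15Z 192.0.2.44 update.example-sinkhole.test tls
2012-11-04T08:30:10Z 192.0.2.44 update.example-sinkhole.test tls
"""

# Constructed ownership table standing in for WHOIS / BGP prefix lookups.
NETWORK_OWNERS = {
    ip_network("203.0.113.0/24"): "Example University",
    ip_network("192.0.2.0/24"): "Example Defence Contractor",
}

MIN_HITS = 3      # fewer hits than this is treated as scanner or researcher noise
MAX_JITTER = 0.2  # gaps within 20% of the median gap count as a periodic beacon


@dataclass
class Finding:
    owner: str
    ip: str
    hits: int
    median_interval_s: int
    tls: bool


def parse_log(text):
    """Return (timestamp, ip, host, tls) tuples; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        records.append((ts, parts[1], parts[2], parts[3] == "tls"))
    return records


def owner_of(ip):
    """Map a source address to the organisation whose prefix contains it."""
    addr = ip_address(ip)
    for net, org in NETWORK_OWNERS.items():
        if addr in net:
            return org
    return "unknown network"


def beacon_interval(timestamps):
    """Median gap in seconds if the hits look periodic, otherwise None."""
    if len(timestamps) < MIN_HITS:
        return None
    ts = sorted(timestamps)
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    med = median(gaps)
    if med <= 0 or any(abs(g - med) / med > MAX_JITTER for g in gaps):
        return None
    return int(med)


def triage(text):
    """Split sinkhole hits into periodic beacons (with owner) and one-off noise."""
    by_ip = defaultdict(list)
    tls_seen = defaultdict(bool)
    for ts, ip, _host, tls in parse_log(text):
        by_ip[ip].append(ts)
        tls_seen[ip] = tls_seen[ip] or tls
    findings, noise = [], []
    for ip, stamps in by_ip.items():
        interval = beacon_interval(stamps)
        if interval is None:
            noise.append(ip)
            continue
        findings.append(Finding(owner_of(ip), ip, len(stamps), interval, tls_seen[ip]))
    findings.sort(key=lambda f: (f.owner, f.ip))
    return findings, sorted(noise)


if __name__ == "__main__":
    beacons, noise = triage(SAMPLE_LOG)
    for f in beacons:
        print(f"{f.owner}: {f.ip} beacons every ~{f.median_interval_s}s "
              f"({f.hits} hits, TLS={f.tls})")
    print("noise, not notified:", noise)
```

The jitter check is the part worth keeping in a real deployment: a host that hits the sinkhole once is not evidence of infection, whereas a host calling in every hour or every twelve hours to the hour is, and the owner lookup is what turns a list of addresses into the "large US university" style notification the article describes.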

