Reply to post: shell we have a game of "how was it done?"

TalkTalk: Hackers may have nicked personal, banking info on 4 million Brits

Anonymous Coward

shell we have a game of "how was it done?"

No details have been released about the attack and I do not know what happened, but the most common attack that I have seen that gets data out of an organisation is the following:

1) Spear phishing attack to an admin to deliver the dropper via a URL from a hacked WordPress site

2) Second stage downloader exploits one of the following (Office, Adobe, IE) to gain kernel level access

3) Creds for key systems harvested

4) Data accessed with Creds

5) Data exfiltrated via the web proxy

Or an unencrypted USB stick left on a train.


Biting the hand that feeds IT © 1998–2019