Security firm Symantec has discovered that a number of well-known hacking collectives are actually highly trained independent groups targeting large corporations for financial gain. The group stays under the radar by relying on a select set of meticulously targeted attacks.
Vikram Thakur, senior manager at Symantec, said that the only possible motive of these people is to forward company secrets to rivals so that they may benefit. He said that the only way they could use it, in their opinion, was through some financial market or by selling it.
Thakur said Symantec, together with other security companies such as FireEye Inc, has been following a few of these groups, including one named FIN4. Morpho frequently uses the “watering hole” technique, infecting websites that are likely to attract its target victims. (NASDAQ:AAPL), Facebook Inc (NASDAQ:FB) and Twitter Inc (NYSE:TWTR) in early 2013 exposed their modus operandi, including attacking through a previously unknown “zero-day” flaw in Oracle’s Java software. In the best-known case, a website frequented by iPhone developers was infected.
Symantec has identified another group, which it has dubbed Morpho and which is believed to be responsible for several Silicon Valley breaches in 2013. The group manages to stay below the radar for the most part by limiting itself to a few targeted attacks.
In email correspondence with SCMagazine.com on Wednesday, a Symantec spokeswoman said that, while major US companies are under attack all the time, the research team found that “Morpho’s technical sophistication is something rarely seen in cybercrime groups”.
Morpho continues its corporate espionage activities and has been linked to the 2013 attacks on Apple, Microsoft, Facebook and Twitter. Not surprisingly, the USA, Europe and Canada have seen the most attacks from Morpho. The group is focused on stealing high-level, sensitive corporate information.
Symantec explained that because the group uses multiple proxies to disguise its location, it is hard to apprehend any of its members.
A break in Symantec’s research came when a regular backup was made of a targeted machine during a 12-hour window when some of Morpho’s custom-made navigation tools were still in use. An Apple spokesman declined to discuss the research.