By Jim Finkle BOSTON (Reuters) - Researchers have discovered a group of highly sophisticated hackers operating for hire out of China, a U.S. computer security company said on Tuesday, and it linked them to some of the best-known espionage attacks in recent years. Symantec Corp said the group, which it dubbed "Hidden Lynx," was among the most technically advanced of several dozen believed to be running cyber espionage operations out of China. Unlike a previous report by another company, Symantec did not accuse the Chinese government of involvement in the cyber attacks. Symantec's 28-page report described Hidden Lynx as a "professional organization" staffed by between 50 and 100 people with a variety of skills needed to breach networks and steal information, including valuable corporate secrets. The company said its researchers believed Hidden Lynx might have been involved with the 2009 Operation Aurora attacks, the most well-known cyber espionage campaign uncovered to date against U.S. companies. In Operation Aurora, hackers attacked Google Inc, Adobe Systems Inc and dozens of other companies. Google in January 2010 disclosed the attacks, in which hackers tried to read Gmail communications of human rights activists and to access and change source code at targeted companies. Dmitri Alperovitch, the researcher who named Operation Aurora in February 2010 when he was the first to uncover key details about the attacks, said he believed that Symantec's conclusions were generally accurate. Alperovitch, who is chief technology officer at the cyber security firm CrowdStrike, said his company has also linked Operation Aurora to other attacks by the same group including a high-profile breach at EMC Corp's RSA security company in 2011. CrowdStrike has not publicly shared details about the group, which it calls Aurora Panda, because the firm makes money by selling proprietary research to clients, he said. Symantec researcher Liam O'Murchu said his company could not determine which individuals were behind Hidden Lynx or if it was linked to the Chinese government. Alperovitch said, however, that CrowdStrike believes the group works solely for the Chinese government and state-owned enterprises. "Whether they are formally a military unit or a defense contractor, that is unknown," he added. A separate study released in February from Mandiant, another firm that closely follows Chinese hackers, said a secret unit of the Chinese military was engaged in cyber espionage on American companies. Beijing vehemently denied the accusations in that document, which contained photos of the building that Mandiant said was the unit's headquarters. O'Murchu said Symantec believes Hidden Lynx is based in China because much of the infrastructure used to run the attacks is there and because the malicious software was written using Chinese tools and with Chinese code. The Symantec report attributed several recent attacks to Hidden Lynx, including a breach at cybersecurity firm Bit9 and follow-on attacks at three Bit9 clients. (http://reut.rs/XXMqKs) It also connects Hidden Lynx to a major campaign dubbed Voho, which was discovered last year by EMC's Corp's RSA security company. Voho targeted hundreds of organizations, including financial service, technology and healthcare companies, defense contractors and government agencies. FINANCE TARGETED Symantec's report described the group as a "highly efficient team" capable of running multiple operations at once and of targeting specific organizations across a variety of industries. That profile suggests that they were hired by clients seeking out very specific pieces of data, the report said. For example, the financial services sector was the most heavily affected industry, representing about a quarter of targets since November 2011, according to Symantec. While Symantec would not identify particular victims within the financial industry, it said they included companies with information on pending merger and acquisition activity. Such information might prove valuable to Hidden Lynx clients in negotiating takeovers or trading shares. The victims did not include commercial banks, Symantec said. Hidden Lynx's arsenal of tools included Trojan Naid and Trojan Moudoor, which siphoned data from infected computers. Symantec, which sells software and services to protect corporate and consumer computer systems from cyber attacks like the ones mentioned in the report, said Naid was also used by hackers in Operation Aurora. The Hidden Lynx hackers "were either responsible for the Aurora attack or were working in conjunction with the Aurora attackers," O'Murchu said. (Reporting by Jim Finkle; Editing by Richard Valdmanis, David Gregorio and Ken Wills)
Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting
- The Oklahoman
Taking a look at five candidates to replace Oklahoma head coach Lincoln Riley.
- NBC Sports BayArea
Steph Curry was having a fine game against the Clippers heading into the fourth quarter. Then a technical foul was called, and his spark was lit.
- Men's Health
Pulmonary medicine and critical care specialist Dr. Mike Hansen explains what you need to know about the new Covid-19 strain known as the Omicron variant.
- Madame Noire
Venus And Serena’s Half-Sister Slams ‘King Richard’ Biopic: ‘Those Girls Rose To The Top While His Children Had To Suffer’
Sabrina Williams's late mother, Betty Johnson, was married to the former tennis coach in the early sixties. The couple had four children together shortly before Williams allegedly walked out on his family according to the Wimbledon champs estranged sister.
- Yahoo Sports
Joe Buck has jokes, everyone.
- USA TODAY
Two-year-old Emma Sweet was found three miles downstream from where her father had been found by duck hunters on Friday.
- Rolling Stone
"For the Intelligence Community, the Trump transition was far and away the most difficult in its historical experience with briefing new presidents," a new CIA report said
- Touchdown Wire
Oklahoma is making a list of coaching candidates and Kliff Kingsbury is on it
- Belleville News-Democrat
How does your southwestern Illinois community compare to others?
- NBC Sports BayArea
Steph Curry explains how the Warriors built off the momentum of an emotional win in LA on Sunday.
Divers off the coast of New Zealand came face to face with a giant sea worm that was almost 30-foot long. The creature is called a pyrosome, and while it might look intimidating, it’s actually perfectly safe to approach. Pyrosomes are part of a family of sea creatures known as tunicates or “sea squirts”. They’ve … The post Divers discovered a horrifying 26-foot sea worm that only comes out at night appeared first on BGR.
- Patriots Wire
This quote is absolutely perfect, Bill.
- Vols Wire
How Lincoln Riley at USC impacts Josh Heupel and Oklahoma's head coaching search.
- Footwear News
Trump wore a lacy blouse to celebrate Thanksgiving with mom Marla Maples.
- Auburn Wire
Here are all of the missed penalties on Alabama's final drive.
"If you’re hungry before bed, drink a tall glass of water."View Entire Post ›
- Business Insider
The organizer of the 'Stop the Steal' rally that led up to the Capitol riot said he will comply with a congressional subpoena because he doesn't have 'money to spend on legal bills'
"The only reason I'm going is because I don't want to go to jail," Ali Alexander said in a Telegram message Saturday night.
(Bloomberg) -- The Chinese businessman had walked out of a bank in Kinshasa with 13,624 hundred-dollar bills, 10,001 fifties and 43,000 smaller U.S. notes, despite explicit instructions to prevent it from happening.Most Read from BloombergBillionaire Family Feud Puts a Century-Old Business Empire in JeopardyAn Arab City’s Booming Art Scene Is Also a Grab at Soft PowerChina Cash Flowed Through Congo Bank to Former President’s Cronies“The account has finally been emptied,” Yvon Douhore, head of an
- The Daily Beast
GoFundMeOn November 19, Nathan Valencia, a 20-year-old Las Vegas college junior and fraternity member, fought a member of another campus fraternity in the “main event” of an annual boxing match.According to an Instagram flyer leading up to Kappa Sigma Fight Night, proceeds for the annual event were supposed to support Center Ring Boxing, a youth boxing club in Las Vegas.But the friendly match quickly turned tragic. View this post on Instagram A post shared by 𝐊𝐚𝐩𝐩𝐚 𝐒𝐢𝐠𝐦𝐚 (@unlvkappasigma) Accord
- USA TODAY Sports - Golfweek
What happened in this video is enough to shake any golfer.