RSA's SecurID breach linked to China, researcher says

Posted on August 4, 2011
by l33tdawg

The breach of RSA, the security division of EMC, last spring, in which sensitive information related to RSA SecurID tokens was stolen, can be traced back to an attack originating in China, a security researcher strongly believes, based on a close look at malware associated with the RSA breach.

Joe Stewart, director of malware research for Dell SecureWorks, says his conclusion is based on his work on a project to classify 60 different families of custom malware that have been used in the type of cyber-espionage attack often referred to today as an "advanced persistent threat (APT)." The definition of APT can vary, but to Stewart it means cyber-espionage activity targeted at government or industry.

Two malware components known to have been used in the RSA breach are based on a common hacker tool called "HTran," which can disguise the location of the command-and-control servers used to siphon sensitive stolen data back to the attackers.
