Hidden Lynx-Professional Hackers for Hire.pdf

《Hidden Lynx-Professional Hackers for Hire.pdf》由会员上传分享，免费在线阅读，更多相关内容在学术论文-天天文库。

1、SECURITYRESPONSEHiddenLynx–ProfessionalHackersforHireStephenDoherty,JozsefGegeny,BrankoSpasojevic,JonellBaltazarVersion1.0–September17,2013TheHiddenLynxgroupisaprofessionalteamofattackerswithadvancedcapabilities.FollowusonTwitterVisitourBlog@threatintelhttp://www.symantec.com/c

2、onnect/symantec-blogs/srCONTENTSOVERVIEW.....................................................................3Background...................................................................5WhoaretheHiddenLynxgroup?..................................5Whoaretheirtargets?...........

3、.......................................7Whatistheirmotivation?..............................................7CorporateEspionage...............................................8Attacksagainstgovernmentcontractors................8Whataretheycapableof?..............................

4、..............8Subvertingtrustprotectionmodels........................8Advancedzero-dayaccess....................................13Supplychainattacks.............................................14Conclusion...................................................................16App

5、endix.....................................................................18Relatedattacks......................................................18Resources....................................................................25SymantecProtection...................................

6、................26OVERVIEWTheHiddenLynxgroupisaprofessionalteamofattackerswithadvancedcapabilities.TheywereresponsibleforthecompromiseofsecurityfirmBit9’sdigitalcode-signingcertificatewhichwasusedtosignmalware.TheBit9breachwaspartofthemuchlargerVOHOcampaignandthatcampaignwasjus

7、toneofmanyoperationsundertakenbythegroupoverthelastfouryears.Thegrouplikelyoffersa“hackersforhire”operationandistaskedwithretrievingspecificinformationfromawiderangeofcorporateandgovernmenttargets.Theyareahighlyefficientteamwhocanundertakemultiplecampaignsatonce,breachsomeofthe

8、world’sbest-protectedorganizationsandcanchangetheirtac