APT1 is back, attacks many of the initial U.S. corporate targets
Posted on 21 May 2013.
The APT1 hacker group is back to its old tricks, targeting a large number of organizations and businesses, among them many that it has previously breached, Mandiant has confirmed.


In the report that the cybersecurity firm published in February, which tied the group to Unit 61398 of the People’s Liberation Army, the firm expressed the belief that the group would simply change its attack techniques and continue to do what it did best: compromising business systems of (mostly) U.S. companies and stealing intellectual property.

As it turns out, they were right. After a few months of extremely little activity, the group has launched new attacks.

"APT1 is still active using a well-coordinated and well-defined attack methodology against a wide set of industries — with a discernible post-report shift towards new tools and infrastructure," the company says.

According to a report requested from Mandiant by the NYT, the group has slowly rebuilt its attack infrastructure by targeting mostly small ISPs and online shops, and is now operating at 60-70 percent of the level they were working at before.

The company says that the group has minimally changed the malware it used in the first attacks and has again managed to compromise some previously attacked targets. Mandiant is prevented by contract from sharing which ones, but we know that Coca-Cola, RSA, and Lockheed Martin (but not the New York Times) were among the ones targeted in the first place.

But the thing that I would like to know the most - and it isn't addressed at all - is how did they actually manage to do it again, considering that the targets must have upped their defenses after those initial compromises.









Copyright 1998-2014 by Help Net Security.