Evidence Matching Help Comprehend Wiper Malware Hackers Employed on SPE

Security researchers seem to be successfully matching evidences related to the wiper malicious program, which made a mighty strike against Sony Pictures Entertainment (SPE). The result of the attack was not just leakage of numerous documents and files which comprised employee records, secret financial records and presentations of the company, unreleased films, passwords as well as other data, but the unusable state that was left on many devices due to the malware, detected as 'Destover,' published threatpost.com dated December 4, 2014.

Recognized as utterly dangerous, the Destover kind of malicious software overwrites an infected PC's MBR (master boot record) that renders the machine unworkable, however, leaves some tracks helpful for security investigation.

Recently, Kurt Baumgartner Researcher at Kaspersky Lab released one study paper revealing how Destover functions as also illustrating how it is similar to the malware employed during the 2012 Shamoon assault on Saudi Aramco the oil company of Saudi Arabia as also the 2013 DarkSeoul assault wherein over 30,000 computers from broadcasting firms and banks in South Korea were targeted with one prominent cyber-assault.

Reportedly, software that wholly erased data from hard drives had been utilized within each of the three assaults.

According to Baumgartner, the attacker could be the same individual in the three instances alternatively there could be persons giving training else groups of individuals widely spread out. Dailymail.co.uk published this dated December 4, 2014.

Nevertheless, as per Symantec, the incidents in Saudi Arabia and South Korea are unlikely to have a link.

The company blogs about also observing similar characteristics within the assaults vis-à-vis SPE as well as the Shamoon scheme, however, those are just copycat.

According to Symantec, there isn't any clue to indicate a common source responsible for the two attacks. Dailymail.co.uk published this.

The different observations about the attacks outline the problems agencies of law enforcement encounter while trying to establish who the attackers are behind the Sony hack.

Usually while carrying out hacks, attackers navigate across many computer servers positioned worldwide for disguising their true IP alternatively employ "false flag" tactics that deceptively show some other nation or gang as executing the attacks.

» SPAMfighter News - 12/16/2014