Hackers Break Into U.S. Government and Corporate Computers
Hackers stole information from the computers of the United States Department of Transportation and many giant companies by luring employees with counterfeit job opportunities sent via e-mail and ads, a computer security firm said on July 16, 2007.
The victims included several organizations that provide security benefits to government agencies: Booz Allen, a consulting company; Unisys Corp., a provider of computer services; L-3 Communications, a defense contractor; Hewlett-Packard Co., a maker of computers; and Hughes Network Systems, a provider of satellite networks, said Mel Morris, CEO of Prevx Ltd, a British provider of Internet security. Reuters reported this on July 17, 2007.
A spokeswoman for the U.S. Department of Transportation said they hadn't found any evidence of a security breach. Among the corporations, Hewlett-Packard refrained from commenting, while officials of the other companies were not available for comment.
A piece of malware named NTOS.exe searched the computer for valuable confidential data, which it transmitted to a Yahoo-hosted website. In all probability the owner of the site was unaware that hackers were using his site. In the end the site hosted stolen data from 1,000 or more computers, which was encrypted before being posted on the site.
The sophisticated security mechanisms could not detect the malicious software because they hadn't been designed to recognize it. The hackers deliberately attacked a limited number of computers to avoid generating heavy traffic. Such low-volume traffic could escape the suspicion of the security police, who normally identify threats only when the activity reaches a certain stage.
The most worrying part is that the existing anti-virus product was unable to detect this particular malware, which therefore easily escaped the enterprise defenses, said Andrew Jaquith, a security analyst at Yankee Group. Jaquith learned about the hack from Morris, Reuters reported on July 17, 2007.
Morris said he downloaded all the data from the infected website and decrypted it following a request from investigators representing the LEO (Law Enforcement Online) of the FBI, who were probing the case. The FBI declined to comment because the investigation was still ongoing.
On July 16, 2007, Internet security companies started releasing patches to block the malicious code.
» SPAMfighter News - 25-07-2007