Chemical Companies Become Targets of Cyber-Espionage, States Symantec

Symantec the Internet security company based in USA lately brought into light a cyber-espionage scheme aimed at seizing reputed chemical companies' trade secrets, while associated the spying with a China-based individual, published Zdnet.com.au dated November 1, 2011.

Symantec, which named the scheme "Nitro," reported that 48 firms-or-more, a few of which manufactured sophisticated military vehicle equipments, became targets when the scheme tried to garner a particular kind of information.

Gavin O'Gorman and Eric Chien, team members of the security response group of Symantec stated that assaults against the chemical companies were just the most recent surge of assaults the man from China was allegedly part of. Zdnet.com.au published this.

Some NGOs, dedicated to upholding human rights, were targeted in the assaults during late April-early May prior to those assaults targeting the automobile sector.

Later, during late-July-mid-September, the cyber-espionage targeted prominent chemical companies mostly in Bangladesh, Britain and USA, the security company stated.

Nitro, according to O'Gorman and Chien, tried to capture intellectual property to gain advantage over chemical firms.

Reportedly, the cyber-spies installed Trojan Poison Ivy on Windows computers through e-mails spammed to the system operators. Those e-mails that weren't actually delivered in bulk, as they were sent to select company staff, canvassed for complying with requests that established business affiliates made, alternatively touted Adobe Flash Player or anti-virus updates.

And when users unwittingly clicked on the e-mail attachments, they loaded Poison Ivy onto their systems. Consequently, the attackers managed in controlling and instructing the infected PCs, steal high-profile passwords and thereby acquire admission into servers holding secret data, and ultimately transmit that data to remote computers under hackers' control.

Furthermore, according to Symantec, the company communicated with a person named "Covert Grove," who operated a certain command-and-control server from the total involved in the attack that was situated in the Hebei province of China near Beijing.

Senior Researcher Jeff Wilhelm of Symantec remarked that the company managed in tracking the server to the particular person. However, it wasn't sure if that hacker was the only one for, it might've been big business spying, he concluded. Upi.com published this on October 31, 2011.

Related article: Consultant Offers Suggestions to Apple Struggling against malware & Online Threats

» SPAMfighter News - 11/7/2011