[ISN] South Korean Universities Targeted By Chinese-Speaking Hackers

http://www.darkreading.com/attacks-breaches/south-korean-universities-targeted-by-ch/240157240 By Kelly Jackson Higgins Dark Reading June 25, 2013 A newly discovered attack tool used by multiple groups of Chinese-speaking attackers has infected more than 1,000 machines in South Korea — mainly universities and other academic institutions. The so-called PinkStats malware family has been in use over the past four years, targeting various nation-states and organizations around the globe, according to Aviv Raff, CTO at Seculert, which studied the malware and posted its findings today. “This is the first proof that there are Chinese-speaking attackers targeting [South Korea] entities,” says Raff, who stopped short at confirming the attackers were from China. Even so, he says it’s likely that they are Chinese: “These type of custom-made tools are usually created by the people speaking the language used in the tool, [such as where] Mahdi used Farsi strings,” he says. There’s no evidence, either, to confirm that PinkStats was also used in the attacks earlier this year on South Korean banks, media networks, and an ISP that wiped hard drives and attached drives of infected machines. They also crippled targeted organizations for hours, and the machines weren’t able to reboot. There was speculation of a North Korea or China connection to the attacks. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail