Home · Security

Sony malware may be linked to other damaging attacks: researchers

(Reuters) - Cybersecurity researchers have uncovered what they say is technical evidence linking the massive breach at Sony Corp's Hollywood studio with attacks in South Korea and the Middle East.

Moscow-based security software maker Kaspersky Lab said on Thursday it uncovered evidence that all three campaigns might have been launched by the same group, or facilitated by a single organization skilled in working with destructive malware.

In 2012, cyber attackers damaged tens of thousands of computers at Saudi Arabia's national oil company and Qatar's RasGas with a virus known as Shamoon, one of the most destructive campaigns to date. Some U.S. officials blamed Iran.

Last year, more than 30,000 PCs at South Korean banks and broadcasting companies were hit by a similar attack that cybersecurity researchers widely believe was launched from North Korea.

Kaspersky researcher Kurt Baumgartner told Reuters there are "unusually striking similarities" related to the malicious software and techniques in the two campaigns and the Nov. 24 Sony attack in which a malware dubbed "Destover" was used. More...

12-05-2014 07:44

'Sony-pocalypse': Why the Sony hack is one of the worst hacks ever

In a single week, hackers have brought a major Hollywood studio to its knees.

Sony Pictures is dealing with more than downed computers and frozen email. Movies have been leaked, and internal documents have exposed private company memos, along with employees' salaries, Social Security numbers and health information.

One security researcher, Adrian Sanabria, calls it "Sony-pocalypse." It's so devastating that the FBI is now warning other companies about the malicious software that infected Sony's computers.

This hack could prove extremely costly to Sony. Leaked movies. Every stolen copy of a movie is potentially a movie ticket lost. "Fury," the World War II drama starring Brad Pitt, has been downloaded illegally 2.3 million times, according to tracking firm Excipio.

The hack also threatens to suck the life out of Sony's (SNE) remake of the musical "Annie," starring Jamie Foxx, before it hits theaters in two weeks. It's been pirated more than 278,000 times. More...

12-05-2014 07:25

Hackers Probing Financial System’s Defenses Show Why Everyone Should Worry

Hackers are testing the financial system’s cyber defenses, and they can boast of some alarming success.

Let’s start with what we know. JPMorgan Chase & Co. (JPM) says a breach of its computer systems exposed the personal information of 76 million households and 7 million small businesses. The intrusion lasted from June until sometime in August, so hackers had more than a month to nose around. They accessed names, addresses, phone numbers and e-mail addresses, although the bank says there’s no evidence they compromised account information, passwords or Social Security numbers, Bloomberg Markets magazine will report in its December issue.

And keep in mind: JPMorgan is a giant, profitable bank with a reputation as one of the best companies in the world at cybersecurity.

Even more worrisome is what we don’t know -- about the intrusion at JPMorgan, the hackers who did it and the potential vulnerability of the entire financial system. The bank has said little publicly about the breach beyond its description of the customer information that was and was not compromised and an assurance the company is cooperating with government investigations. U.S. intelligence agencies, federal prosecutors and attorneys general from at least two states have all launched probes. More...

11-02-2014 16:43