RSA's SecurID Breach Linked to China, Researcher Says

Thursday Aug 4th 2011 by Staff

A Dell security researcher says the hackers involved used a Chinese hacking tool and sent data to Chinese ISPs.

NetworkWorld: Dell security researcher Joe Stewart says that the hackers who stole RSA SecureID tokens last spring had ties to China. According to Stewart, the individuals involved used two pieces of malware based on HTran, a common hacker tool that was developed in China. In addition, he has discovered that the malware was directing data traffic to two networks in China, which appear to be ISPs in Beijing and Shanghai.

"It's not surprising that hackers using a Chinese hacking tool might be operating from IP addresses in the PRC," said Steward's report. "Most of the Chinese destination IPs belong to large ISPs, making further attribution of the hacking activity difficult or impossible without the cooperation of the PRC government."

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved