Sony Pictures Malware May Be Linked to Other Damaging Attacks: Experts

Sony Pictures Malware May Be Linked to Other Damaging Attacks: Experts
Cyber-security researchers have uncovered what they say is technical evidence linking the massive breach at Sony's Hollywood studio with attacks in South Korea and the Middle East.

Moscow-based security software maker Kaspersky Lab said on Thursday it uncovered evidence that all three campaigns might have been launched by the same group, or facilitated by a single organization skilled in working with destructive malware.

In 2012, cyber attackers damaged tens of thousands of computers at Saudi Arabia's national oil company and Qatar's RasGas with a virus known as Shamoon, one of the most destructive campaigns to date. Some U.S. officials blamed Iran.

Last year, more than 30,000 PCs at South Korean banks and broadcasting companies were hit by a similar attack that cyber-security researchers widely believe was launched from North Korea.

Kaspersky researcher Kurt Baumgartner told Reuters there are "unusually striking similarities" related to the malicious software and techniques in the two campaigns and the Nov. 24 Sony attack in which a malware dubbed "Destover" was used.

He described the similarities in depth in a technical blog published on Thursday on Kaspersky's website.

"It could be a single actor or it could be that there are trainers or individuals who float across groups," Baumgartner said in an interview.

He said the evidence suggests hackers from North Korea are behind the attack on Sony, although it is unclear whether they work directly for the government.

Not all cyber-security researchers agree with Kaspersky's interpretation of the technical evidence.

California-based Symantec Corp said in a blog posting on Thursday it also sees similarities between the attacks against Sony and the Shamoon campaign, but attributed it to a copycat.

"There is no evidence to suggest that the same group is behind both attacks," Symantec said on its blog.

The diverging views highlight the difficulties that law enforcement faces in determining the identity of the hackers responsible for the Sony breach.

Hackers often conduct attacks by digitally hopping through multiple computer severs around the globe to mask their real Internet address, or use "false flag" techniques to make it look as though the attack is the work of another nation or group.

© Thomson Reuters 2014


For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Amazon Elements Launched: Firm's Own Line of Diapers and Baby Wipes
Second Bitcoin Auction Draws Fewer Bidders

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment



© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on