Sony Pictures Malware
Cyber-security researchers have uncovered what they say is technical evidence linking the massive breach at Sony’s Hollywood studio with attacks in South Korea and the Middle East.
Moscow-based security software maker Kaspersky Lab said on Thursday it uncovered evidence that all three campaigns may have been launched by the same group, or facilitated by a single organization skilled in working with destructive malware.
In 2012, cyber attackers damaged tens of hundreds of computers at Saudi Arabia’s national oil company and Qatar’s RasGas with a virus known as Shamoon, one of the most destructive campaigns to date. Some U.S. officials blamed Iran.
Last year, more than 30,000 PCs at South Korean banks and broadcasting companies were hit by a similar attack that cyber-security researchers widely believe was launched from North Korea.
Kaspersky researcher Kurt Baumgartner told Reuters there are “strangely striking similarities” related to the malicious software and techniques in the two campaigns and the Nov. 24 Sony attack in which a malware dubbed “Destover” was used.
He described the similarities in detail in a technical blog published on Thursday on Kaspersky’s website.
Sony Pictures Malware May Be Linked to Other Damaging Attacks: Experts
“It is usually a single actor or it may be that there are trainers or folks that flow throughout teams,” Baumgartner said in an interview.
He said the evidence suggests hackers from North Korea are behind the attack on Sony, though it is unclear whether they work directly for the government.
Not all cyber-security researchers agree with Kaspersky’s interpretation of the technical evidence.
California-based Symantec Corp said in a blog post on Thursday that it also sees similarities between the attacks against Sony and the Shamoon campaign, but attributed them to a copycat.
“There is not any evidence to suggest that the identical crew is at the back of both assaults,” Symantec said on its blog.
The diverging views highlight the difficulties that law enforcement faces in determining the identity of the hackers responsible for the Sony breach.
Hackers often conduct attacks by digitally hopping through multiple computer servers worldwide to mask their actual internet address, or use “false flag” techniques to make it appear as if the attack is the work of another nation or group.