[Screenshot: Graphic showing how the Elderwood gang conducts its attacks]
It's been more than two years since Google broke corporate protocol by revealing that it had been the victim of a persistent and sophisticated hack, traced to intruders in China that the company all but said were working for the government.
And it turns out the hacker gang that hit the search giant hasn't been resting on its reputation; it's been busy targeting other companies and organizations, using some of the same methods of attack, as well as a remarkable menu of valuable zero-day vulnerabilities. The attackers used at least eight zero-days in the last three years, including ones that targeted the ubiquitous software plugin Flash and Microsoft's popular IE browser.
Researchers at Symantec traced the group's work after finding a number of similarities between the Google attack code and methods and those used against other companies and organizations over the last few years.
The researchers, who describe their findings in a report published Friday, say the gang — which they have dubbed the "Elderwood gang" based on the name of a parameter used in the attack codes — appears to have breached more than 1,000 computers in companies spread throughout several sectors, including defense, shipping, oil and gas, financial, technology and ISPs. The group has also targeted non-governmental organizations, particularly ones connected to human rights activities related to Tibet and China.
Continued: http://www.wired.com/threatlevel/2012/09/google-hacker-gang-returns/
Google Hackers Exploit Eight Zero-Days To Hit Defence Firms
From spear phishing to watering holes