{"id":430,"date":"2011-08-05T23:15:57","date_gmt":"2011-08-06T03:15:57","guid":{"rendered":"http:\/\/goodwin.drexel.edu\/isensor\/drho\/?p=430"},"modified":"2011-08-05T23:15:57","modified_gmt":"2011-08-06T03:15:57","slug":"operation-shady-rat-five-year-hack-attack-hit-14-countries","status":"publish","type":"post","link":"https:\/\/shuyuanmaryho.com\/?p=430","title":{"rendered":"Operation Shady RAT: five-year hack attack hit 14 countries"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/shuyuanmaryho.com\/wp-content\/uploads\/2011\/07\/ScreenHunter_01-Aug.-05-23.16.gif\" alt=\"\" width=\"465\" height=\"449\" class=\"alignright size-full wp-image-433\" \/>The governments of the United States, Canada, and South Korea, as well as the UN, the International Olympic Committee, and 12 US defense contractors were among those hacked in a five-year hacking campaign dubbed &#8220;Operation Shady RAT&#8221; by security firm McAfee, which revealed the attacks. Many of the penetrations were long-term, with 19 intrusions lasting more than a year, and five lasting more than two. 
Targets were found in 14 different countries, across North America, Europe, India, and East Asia.<\/p>\n<p>The infiltration was discovered when McAfee came across a command-and-control server, used by the hackers for directing the remote administration tools\u2014&#8220;RATs,&#8221; hence the name &#8220;Operation Shady RAT&#8221;\u2014installed in the victim organizations, during the course of an investigation of break-ins at defense contractors. The server was originally detected in 2009; McAfee began its analysis of the server in March this year. On the machine the company found extensive logs of the attacks that had been performed. Seventy-two organizations were positively identified from this information; the company warns that there were likely other victims, but there was not sufficient information to determine what they were.<\/p>\n<p>The attacks themselves used spear-phishing techniques that are by now standard. Apparently legitimate e-mails with attachments are sent to organization employees, and those attachments contain exploit code that compromises the employee&#8217;s system. These exploits are typically zero-day attacks. 
With a PC now compromised, the hackers can install RAT software on the victim PCs, to allow long-term monitoring, collection of credentials, network probing, and data exfiltration.<\/p>\n<p>http:\/\/arstechnica.com\/security\/news\/2011\/08\/operation-shady-rat-five-year-hack-attack-hit-14-countries.ars?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=rss <\/p>\n","protected":false},"excerpt":{"rendered":"<p>The governments of the United States, Canada, and South Korea, as well as the UN, the International Olympic Committee, and 12 US defense contractors were among those hacked in a five-year hacking campaign dubbed &#8220;Operation Shady RAT&#8221; by security firm &hellip; <a href=\"https:\/\/shuyuanmaryho.com\/?p=430\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6],"class_list":["post-430","post","type-post","status-publish","format-standard","hentry","category-the-latest-news-ideas-problems-strategies-and-tactics-in-securing-cyberspace-and-virtual-organizations-discussed-by-experts-in-industries-as-well-as-academia","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/posts\/430","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=430"}],"version-history":[{"count":0,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/posts\/430\/revisions"}],"wp:attachment":[{"href":"https:\/\/shuyuanmary
ho.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=430"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=430"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=430"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}