Slashdot Mirror

← Back to Stories (view on slashdot.org)

Experts Closing In On Google Attack Coders

Posted by samzenpus on from the sniff-them-out dept.

ancientribe writes "The targeted attacks out of China that hit Google, Adobe, and other US organizations are still ongoing and have affected many more companies than the original 20 to 30 reported. Security experts now say they are getting closer to identifying the author or authors of the malware used to breach Google and other organizations."

7 of 141 comments (clear)

  1. Boy I can't wait! by Weaselmancer · · Score: 5, Insightful

    As soon as the United States identifies the culprits in China...wow are they in trouble.

    --
    Weaselmancer
    rediculous.
    1. Re:Boy I can't wait! by Anonymous Coward · · Score: 1, Insightful

      All intelligence agencies do that.

      If you don't know who is going to be the fall guy, it's going to be you.

  2. Not Surprising by LuNa7ic · · Score: 3, Insightful

    Do you really expect that they would say anything else? "Sorry guys, this one has us stumped, we've no idea who did it." There are 15 paragraphs in TFA, and they've used them to not say a damned thing. Why did they even put this press release out?

    --
    *runs*
  3. Re:Propaganda by BhaKi · · Score: 1, Insightful

    Ah, I'm worng. Again.

    --
    The largest prime factor of my UID is 263267.
  4. The interesting bits... by chill · · Score: 3, Insightful

    About 80 percent of APT attacks use custom malware, Mandia says. "We recently took over 1,800 programs we've collected since 2008 that are all part of APT ... and ran it through AV, and only 24 percent of the malware triggered antivirus," he says. "Over a year ago, none of it was triggering AV."

    Signature-based anti-virus scanning isn't going to help. That model is broken and only useful for the "AOL mindset" of the general public. That is, the people who go "ohhhh, SHINY. [click]" and get infected by year-old malware.

    Serious pressure on software vendors to make sure their app doesn't need admin rights to run on a Windows box would be a nice step.

    --
    Learning HOW to think is more important than learning WHAT to think.
  5. Re:Propaganda by ahabswhale · · Score: 4, Insightful

    Why should they bother with the hassle of getting an exemption? More importantly, how does the fact that they do not have an exemption make them part of some government propaganda machine?

    Oh, and Chrome runs on Linux and OS-X. Not sure where you get the notion that it's Windows only.

    The only thing that doesn't hold water here is your argument.

    --
    Are agnostics skeptical of unicorns too?
  6. The villians must be found! by Ukab+the+Great · · Score: 2, Insightful

    We have to find the villains who did this nefarious thing. Otherwise, we'd lack scapegoats and would have it admit to ourselves that:

    - Adobe didn't learn a single damn lesson from Microsoft's Word Macro Virus debacles as to why allowing code to be embedded in what most users consider to be a static, non-code executing document is such a bad thing.

    - A business that supposedly hires the Best And The Brightest and discards applicants due to bad SAT scores 15 years ago got pwned.

    - Businesses were too dumb and shortsighted to update their browsers to something less obsolete and pay for a standard's compliant redesign of their web applications.

    - That most of these massive attacks are caused by script kiddies in China trying to impress girls by exploiting corporate stupidity, as opposed to Neo's elite evil twin.