McAfee Disclaims Claims of Chinese Involvement in 'Shady RAT'
hackingbear writes "In an interview with the Chinese official Xinhua news agency, McAfee said no direct evidence suggests a particular nation such as China is behind Operation Shady RAT, a five-year cyber campaign discovered by McAfee. Alperovitch told Xinhua that they 'don't have direct evidence that conclusively points to a particular nation state' behind the scheme. So the same online security industry that has propagated Chinese cyber threats in front of Western media denies they made such a suggestion of China, another of their major markets." Also on the Shady RAT front, reader kermidge writes with a post from Hon Lau at Symantec containing details lacking in McAfee's Wednesday report; included are examples of the vectors and commands used, along with cogent commentary.
Reading the details, I really wonder why this is supposed to be a government-backed attack. Neither the trojan nor the attack vector described by the guy from Symantec looks very sophisticated to me. From a government-sponsored attack I'd at least expect some previously unknown exploits, rootkit, traffic tunneling, anti-virus product circumvention and generally more effort to hide that there is a trojan or an outgoing connection.
There must be something missing. So, what's so special about this particular persistent attack?
You should never get your security analyses from the same people who sell security products.
It's like asking a car dealer how expensive a car you need.