Nearly three years ago, Google was hacked by a group that was almost certainly sponsored by the Chinese Government. But as Wired tells it, the assignment for that group wasn’t a one-off thing. In fact, they’ve executed no fewer than eight zero-day attacks on websites over the past three years, and have compromised at least 1000 computers in various sectors.
The news originally came from a research report compiled by Symantec, which says the group went after US companies in various sectors, including defence, energy, technology and finance, not to mention Chinese dissidents. All of these attacks revolved around zero-day exploits, in which the hackers — dubbed the Elderwood Group — discover any vulnerabilities and launch an attack before a developer is even aware of the issue. In 2011, there were eight total. In the past few months, Symantec says the group has pulled off four.
Wired believe it takes a sophisticated team to pull off something so complex.
In these so-called “watering hole” attacks — named for their similarity to a lion waiting for unsuspecting prey to arrive at a watering hole — an invisible iframe on the web site causes victim computers to contact a server and silently download a backdoor Trojan that gives the attackers control over the victim’s machine.
Symantec believes the gang involves several teams of varying skills and duties. One team of highly skilled programmers is likely tasked with finding zero-day vulnerabilities, writing exploits, crafting re-usable platform tools, and infecting web sites; while a less skilled team is involved with identifying targets based on various goals — stealing design documents for a military product or tracking the activities of human rights activists — and sending out the spear-phishing attacks. A third team is likely tasked with reviewing and analysing the intelligence and intellectual property stolen from victims.
But how did Symantec trace these attacks back to the Elderwood Group? Well, as it turns out, many of the same code snippets and executable files used in the Google attack were used in nearly all of the later attacks. Given how active this group is, their seemingly direct ties to China and America’s grandstanding about cybertheats, the thought of a Cyberwar with China might not be too far fetched. [Symantec via Wired]
Saturday, September 8, 2012
The Infamous Google Hackers Are Still Out There, Exploiting Our Computers
Apple takes Iphone 5 memory orders away from Samsung
APPLE HAS CUT DRAM and NAND memory module orders from its mobile devices arch-rival Samsung as it tries to move away sourcing most of its parts from its biggest competitor.
As Apple's lawyers do battle with Samsung in courtrooms around the world, the relationship between the two companies is complicated by the fact that Apple needs Samsung's memory chips and fabs, while Apple remains Samsung's largest single customer. Now reports are emerging that Apple has shifted its DRAM and NAND memory orders away from Samsung as it tries to diversify from a single source of silicon.
Apple has tapped SK Hynix and Elpida to supply it with memory modules for its upcoming Iphone 5. According to Reuters' source, Apple has kept Samsung as a supplier for the memory in the Iphone 5 though it didn't elaborate further. It is very likely Apple is still using Samsung as a wafer baker for its A series of system-on-chip (SoC) processors.
Reuters' source said, "Samsung is still in the list of initial memory chip suppliers [for new Iphones]. But Apple orders have been trending down and Samsung is making up for the reduced order from others, notably Samsung's handset business."
SK Hynix is the second largest DRAM manufacturer behind Samsung and that makes it an obvious candidate to replace Samsung. Elpida however is in the midst of bankruptcy, with shareholders arguing over whether Micron's bid to buy the firm offers a high enough price.
Apple has strongly hinted that it is looking move business away from Samsung, if for no other reason than to ensure resilience in its supply chain. Apple has also been under a bit of pressure to source more components within the US, and should Micron complete its purchase of Elpida, that shift of ownership could sit well with both firms' supporters. µ
The InquirerThursday, September 6, 2012
Apple Responds to UDID Leak, Says Did Not Provide Data to FBI
Wednesday September 5, 2012 10:04 am PDT by Eric Slivka
AllThingsD reports that Apple has issued a statement responding to this week's leak of one million unique device identifiers (UDIDs) for iOS devices, noting that it did not provide the FBI with the information. An FBI computer was claimed by the hackers to be the source of the information, but the FBI has denied any involvement in the situation.
“The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization. Additionally, with iOS 6 we introduced a new set of APIs meant to replace the use of the UDID and will soon be banning the use of UDID,” Apple spokesperson Natalie Kerris told AllThingsD.
With the AntiSec hackers claiming to be in possession of 12 million UDIDs as well as additional personal information tied to some of the numbers, it remains unclear exactly where the data came from.
Apple has been working to phase out use of the UDID, creating new tools to allow developers to track usage of their apps on a per-device basis. With the UDID being a universal identifier, it has been used by advertisers and others to collect information across apps and other usage to develop user profiles for marketing persons, and Apple's new system will seek to improve user privacy.
