Paid Hackers Attacked 300 Banks, Businesses and Governments for 12 Years
Government (Foreign) // Other Critical Infrastructure
German hackers-for-hire went undetected for a dozen years while they compromised organizations in Germany, Switzerland and Austria.
The UK’s relatively lax requirements for “purchasing SSL security certificates were exploited by the network to create pseudo legitimate Internet service names and to use them to camouflage their fraudulent activity,” researchers at cybersecurity firm Cybertinel state in a new report.
The hackers then had total control over the targeted computers and were able to carry out their espionage undisturbed for many years.
“The damage to the organizations who have been victims in terms of loss of valuable data, income or the exposure of information related to employees and customers is immeasurable,” according to Cybertinel.
The “Harkonnen Operation” is detailed in the report. The companies were breached by malicious software foisted through spear-phishing emails.
The “Trojan” malware specimens detected were GFILTERSVC.exe from the generic trojan family Trojan.win7.generic!.bt and wmdmps32.exe.
The bandits spent $150,000 on hundreds of sham domain names, IP addresses and wildcard certificates to make their UK businesses appear legit.