A report came out today saying that more than 48 hacks targeting chemical and defense companies were coordinated by a one-man team in China! More than 50 companies were affected by this cyber attack, which was traced back to a single person in China. Symantec found that systems belonging to the hacked organizations were infected with malicious software known as “PoisonIvy”. PoisonIvy was used to steal information such as design documents, formulae and details of the manufacturing processes of various chemicals, including weapons.
It was reported that several Fortune 100 companies were victims of these attacks. The attacks appear to be entirely for industrial espionage, and the interesting part is that all of them were traced to a computer system owned by a man in his 20s in Hebei province in northern China. Symantec found proof that the same computer was used to mine through the data obtained from the attacks.
The standard method of attack was to send emails with tainted attachments to between 100 and 500 employees at a company, claiming to be from established business partners or to contain bogus security updates. When a victim opens the attachment, it installs “PoisonIvy”, a Remote Access Trojan that gives the attacker control of the machine.