McAfee says nothing shady about Shady RAT

By on
McAfee says nothing shady about Shady RAT

Don't believe it? You've got no clue.

If you think the global cyber-espionage attacks in Shady RAT are hype, then you're "clueless" according to then discoverer of the attacks.

Threat research vice president Dmitri Alperovitch hit back at criticism that the attacks were hype and were standard fare for cyber security intrusions.

"If you think this is an unsophisticated botnet then you've got no clue, or you're not willing to talk about it," Alperovitch said.

"These were targeted compromises of a wide range of organisations, in every sector. These were very specific victims.

"It was not an automated attack. It had humans working at the ends and they adapt to a target's defences."

Seventy high-profile organisations like defence contractors, governments and enterprises fell victim to the attacks. Each was hit with social engineering attacks and various exploits, Alperovitch said.

Symantec noted that a trojan used in the attacks pointed to servers that hid commands within images. The malware was delivered by infected files exploiting software like Excel, Word and Adobe.

It said the attack was significant, but was "one of many similar attacks taking place daily".

"Is the attack described in Operation Shady RAT a truly advanced persistent threat? I would contend that it isn’t, especially when you

consider the errors made in configuring the servers and the relatively non-sophisticated malware and techniques used in this case. Sure the people behind it are persistent but no more so than the myriad of other malware groups out there such as Zeus, Tidserv, and others like them," researcher Hon  Lau said in a blog.

Alperovitch joked that the criticism was from security companies that "wished they had reported on [Shady RAT] first".

He declined to comment on speculation that the perpetrators of the alllegedly state-sponsored attacks were based in China.

Analysis of the logs in Shady RAT uncovered that victims were:

  • 22 government agencies
  • 13 defence contractors
  • 12 communications firms
  • 12 non-profit think tanks
  • six engineering firms
  • four from private industry
  • 49 were in the US based
  • four in Canada
  • two each in Britain, Japan and Switzerland

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?