This site may earn affiliate commissions from the links on this page. Terms of use.
A presentation at the Black Hat (virtual) Security Conference this week revealed details of a number of hacking operations aimed at the Taiwanese semiconductor industry. The Taiwanese security firm CyCraft presented details of its investigation at the conference. At least seven Taiwanese companies were penetrated in an attack CyCraft refers to as “Operation Skeleton Key,” due to the use of a “skeleton key” injector technique. While CyCraft has nicknamed the group Chimera, there’s evidence of ties to mainland China and possibly to government-sponsored hacking groups.
“This is very much a state-based attack trying to manipulate Taiwan’s standing and power,” Chad Duffy, one of the CyCraft researchers who worked on the company’s long-running investigation, told Wired. The sort of wholesale theft of intellectual property CyCraft observed “fundamentally damages a corporation’s entire ability to do business,” adds Chung-Kuan Chen, another CyCraft researcher who will present the company’s research at Black Hat today. “It’s a strategic attack on the entire industry.” Last year, we covered a major malware problem involving Asus. The company’s software had been hijacked by malicious code inserted into Asus’ own software and pushed out by the company’s servers. What made these attacks interesting was that the software in question was clearly targeted at specific individuals. Once the malware was loaded on to a system, it checked the MAC address against a list of ~600 specific addresses before downloading additional payloads from a command and control server. This kind of sophisticated attack takes exactly the opposite approach of your typical ..
Support the originator by clicking the read the rest link below.
