Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker

(Bloomberg) -- A Swiss cybersecurity firm says it has accessed servers used by a hacking group tied to the SolarWinds breach, revealing details about who the attackers targeted and how they carried out their operation. The firm, PRODAFT, also said the hackers have continued with their campaign through this month.

PRODAFT researchers said they were able to break into the hackers’ computer infrastructure and review evidence of a massive campaign between August and March, which targeted thousands of companies and government organizations across Europe and the U.S. The aim of the hacking group, dubbed SilverFish by the researchers, was to spy on victims and steal data, according to PRODAFT’s report.

SilverFish carried out an “extremely sophisticated” cyber-attack on at least 4,720 targets, including government institutions, global IT providers, dozens of banking institutions in the U.S. and EU, major auditing/consulting firms, one of the world’s leading Covid-19 test kit manufacturers and aviation and defense companies, according to the report.

The hackers used other methods to attack their victims besides the vulnerability in SolarWinds’s software, according to the researchers.

The researchers don’t attribute the attacks to a known hacking organization or a country, though they describe SilverFish as an “APT group.” APT stands for advanced persistent threat, and APT groups are often associated with state-backed hacking organizations. PRODAFT researchers said in an interview that the hackers bore some hallmarks of a state-sponsored group, including not being motivated by money and targeting critical infrastructure. But they said more analysis was required to make a definitive determination.

As a result, it isn’t clear from the report if SilverFish is a hacking or ..
