- V3 Apps
The hackers responsible for 2010's infamous "Operation Aurora" attack are still using a sophisticated arsenal of security flaws and infiltration techniques to steal corporate information, say experts.
Security researchers with Symantec have issued a report outlining the techniques used by the so-called "Edgewood" hacking platform and the group behind it. The company said that the group is well-funded and armed with more than a half-dozen unpublished security vulnerabilities.
"Although there are other attackers utilising zero-day exploits, we have seen no other group use so many," Symantec researchers Gavin O'Gorman and Geoff McDonald said in the report.
"The number of zero-day exploits used indicates access to a high level of technical capability."
The researchers said that the group appears to favour "watering hole" attacks techniques in which the attacker profiles a targeted group and places attack code into sites which the targets are likely to visit.
Additionally, the group is believed to use spear-phishing techniques to infect the systems of targeted individuals and organisations.
Overall, the group appears to be targeting companies in the defence and aeronautics sector, though researchers noted that targets have ranged from weapons manufacturers to software vendors and even non-government organisations.
Though incidents were noted in the UK, British firms are not believed to be a significant target for the attackers.
According to the report, the US is the most popular target for the attacks, with American firms accounting for 72 per cent of incidents. Canada, China, Hong Kong and Australia were also popular targets.
While Symantec did not indicate where the group behind the attacks was based, past reports have suggested that the hackers are part of a state-sponsored operation based in mainland China.