Saturday, August 6, 2011

Researcher follows RSA hacking trail to China

Malware used in the attack against RSA Security earlier this year was controlled from China, a well-known botnet researcher said Wednesday.

Joe Stewart, director of malware research for Dell SecureWorks, traced the command-and-control (C&C) servers used to oversee the RSA attack to networks in Beijing and Shanghai.

"This gives us the where, but not the who," said Stewart when asked whether his work had come up with clues about the attack's architects.

In mid-March, RSA confirmed that it had been targeted by hackers who had breached its network defenses and stole proprietary information. Although RSA has never detailed what was stolen, it has admitted that information related to the company's SecurID two-factor authentication products was part of the haul. (more)