Hidden Lynx

Published by: Andrew Blake on Sep 19, 2013
Copyright: Attribution Non-commercial

SECURITY RESPONSE
The Hidden Lynx group is a professional team of attackers with advanced capabilities.
Hidden Lynx – Professional Hackers for Hire
Stephen Doherty, Jozsef Gegeny, Branko Spasojevic, Jonell Baltazar
Version 1.0 – September 17, 2013
 
CONTENTS
OVERVIEW
Background
Who are the Hidden Lynx group?
Who are their targets?
What is their motivation?
    Corporate Espionage
    Attacks against government contractors
What are they capable of?
    Subverting trust protection models
    Advanced zero-day access
    Supply chain attacks
Conclusion
Appendix
    Related attacks
Resources
Symantec Protection
 
OVERVIEW

The Hidden Lynx group is a professional team of attackers with advanced capabilities. They were responsible for the compromise of security firm Bit9’s digital code-signing certificate which was used to sign malware. The Bit9 breach was part of the much larger VOHO campaign and that campaign was just one of many operations undertaken by the group over the last four years.

The group likely offers a “hackers for hire” operation and is tasked with retrieving specific information from a wide range of corporate and government targets. They are a highly efficient team who can undertake multiple campaigns at once, breach some of the world’s best-protected organizations and can change their tactics quickly to achieve their goal.

They usually attack using multiple customized Trojans designed for specific purposes. Backdoor.Moudoor is used for larger campaigns and has seen widespread distribution while Trojan.Naid is reserved for special operations against high value targets. The group uses cutting-edge attack techniques which makes this team stand out from other major attack groups.

This paper takes an in-depth look at the Hidden Lynx group, their targets and their motivations. It will look into their capabilities and attack strategies through their attack campaigns including the Bit9 incident.
