RSA's SecurID Breach Linked to China, Researcher Says

A Dell security researcher says the hackers involved used a Chinese hacking tool and sent data to Chinese ISPs.

NetworkWorld: Dell security researcher Joe Stewart says that the hackers who stole RSA SecureID tokens last spring had ties to China. According to Stewart, the individuals involved used two pieces of malware based on HTran, a common hacker tool that was developed in China. In addition, he has discovered that the malware was directing data traffic to two networks in China, which appear to be ISPs in Beijing and Shanghai.

"It's not surprising that hackers using a Chinese hacking tool might be operating from IP addresses in the PRC," said Steward's report. "Most of the Chinese destination IPs belong to large ISPs, making further attribution of the hacking activity difficult or impossible without the cooperation of the PRC government."

Tags: hack attacks

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.