The big news over the past few months were the Aurora attacks and how they seemed to originate from China, last month Microsoft took the unusual step and released an Out-Of-Band patch for the IE6 0-Day vulnerability used in the attacks.
It was always thought the exploit originated from China due to parts of the code only being discovered on Chinese language sites, the latest news is that the actual origin of the code has been discovered by US investigators.
US investigators have pinpointed the author of a key piece of code used in the alleged cyber attacks on Google and at least 33 other companies last year, according to a new report.
Citing a researcher working for the US government, The Financial Times reports that a Chinese freelance security consultant in his 30s wrote the code that exploited a hole in Microsoft’s Internet Explorer browser. The report also says that Chinese authorities had “special access” to this consultant’s work and that he posted at least a portion of the code to a hacking forum.
According to The Financial Times report, the unnamed security consultant who wrote the exploit code is not a full-time government worker and did not launch the attacks himself. In fact, the FT says, he “would prefer not to be used in such offensive efforts.”
The reports says that when he posted the code to the hacking forum, he described it as something he was “working on.”
With a January blog post, Google announced that attacks originating from China had pilfered unspecified intellectual property from the company, and Microsoft later said the attack had exploited a hole in its Internet Explorer 6 browser. According to security researchers, at least 33 other companies were targeted by similar attacks.
Put simply, this means that the “consultant” who created the code posted a proof of concept for this exploit on a hacking forum. Then someone took this proof of concept, turned it into a working exploit and attacked 33 US based companies.
It will be interesting to watch how this story will unfold after this and if it’s going to increase the tension between the US and China governments. The whole cyberwar has been going on for quite a while now with both sides trying to secretly steal information from each other.
So far the author of the code has not been named and his real identity or purpose is still a little vague.
Source: The Register
Google Will Pay 500$ Bounty For Each Chrome Browser Bugs You Find
Google Translator Hacked
Password aren't a good defense?
In the news: Google negotiating cooperation with the NSA
Some tips to enhance your SQL Server security
How To: Create an Outlook 2003 addin using VSTO SE and Visual Studio 2005