A detailed report titled Hidden Lynx – Professional Hackers for Hire provides insight into a group of international hackers who have been targeting a wide array of industries, including financial institutions and defense contractors.
The report concludes that the level of sophistication displayed in the operations, as well as the diversity of the group’s targets, makes it highly likely that the attackers are supported by a nation-state.
“They use the latest techniques, have access to a diverse set of exploits and have highly customized tools to compromise target networks. Their attacks, carried out with such precision on a regular basis over long periods of time, would require a well-resourced and sizeable organization,” the report states.
The group is said to have breached some of the most secure networks in the world, with about half of the targets residing in the U.S. and a large portion located in Asia.
The report also asserts that while the group’s main focus is on what may be on nation-state supported attacks, they are also engaged in a hacker-for-hire enterprise for financial gain.
Hidden Lynx is credited with introducing “watering hole attacks” in which specific websites are compromised because they are known to be frequented by high-value targets, providing the attackers with an opportunity to infect their systems with malware.
They have also employed a Trojan that has been linked to the infamous Operation Aurora attacks.
Though accurate attribution is extremely problematic, the report does point out there are many connections between the group and resources located in China, such as the location of their malware command and control servers.
Read More Here…