Tuesday, August 2, 2011

McAfee Uncovers Operation Shady Rat

McAfee has identified 72 compromised parties that have fallen victim to cyber intrusion and massive data breaches in what is being called "Operation Shady RAT." (RAT is an acronym for remote access tool).
The attacks, which have been underway since mid-2006, have been traced by McAfee back to one specific Command & Control server used by the intruders. Intrusions tend to last from one to 28 months, before they are discovered and fixed or till the attacker moves on after having stolen the valuable intellectual property or data.
McAfee says its analysis points to one state actor who is most likely to benefit from stolen intellectual property and government secrets from the U.S., the U.K., Taiwan, Vietnam, Korea, U.N., IOC and ASEAN organizations. Operation Shady RAT is described in a blog posting by Dmitri Alperovitch, Vice President of Threat Research at McAfee Labs. http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat

See also