Operation Shady RAT is a cyber espionage campaign that hit government and corporate websites to collect sensitive data for over five years. It was uncovered in August 2011, and continued even after that. Within that time frame, it stole intellectual property and strategic information from 70 companies and 14 nations.
RAT (Remote Access Tool) is a technique that hackers use to gain access to computers and servers that allows it to siphon off data.
The operation was uncovered by Dmitiry Alperovitch, vice president of threat research at the cyber-security firm McAfee.
Online tech magazine cnet.com writes:
Typically, a target would get compromised when an employee with necessary access to information received a targeted spear-phishing e-mail containing an exploit that would trigger a download of the implant malware when opened on an unpatched system. The malware would execute and initiate a backdoor communication channel to the command-and-control server, Alperovitch wrote in the report.
Read the complete report on the McAfee blog.
The list of high-profile victims includes the United States, Taiwan, India, South Korea, Vietnam and Canada. Of these 49 were American, but Asian interests were 13. The United Nations, the International Olympic Committee, the World Anti-Doping Agency and numerous tech companies — some with high-profile military contracts — were also targeted, Reuters reported.
McAfee believed that the attacks were state sponsored, and the suspicion pointed to China, given its chequered history of state sponsored hack attacks.
Updated Date: Aug 04, 2011 23:06:33 IST