Google and more than thirty other companies were affected by a hacker organization by the name of “Aurora” over three years ago. Since then, the aggressors have only gotten stronger, formed alliances, and added new weapons to their arsenal, according to cyberattack analysts.
Aurora relies primarily on zero-days, vulnerabilities that have not yet been patched, said the researchers at Symantec. The group pinpoints zero-day vulnerabilities and exploits them before they can be patched. Though Aurora has mostly targeted search engines and larger businesses, it has ventured into energy, aeronautics, and financial services in the past few months.
“This group is focused on wholesale theft of intellectual property and clearly has the resources, in terms of manpower, funding, and technical skills, required to implement this task,” said Symantec in a blog post last week.
Symantec is calling Aurora’s new campaign the Elderwood Project. The hacking organization has started to exploit previously unknown weaknesses in popular downloadable programs such as Adobe Flash Player, Microsoft XML Core Services, and Internet Explorer. Symantec has theorized that the hacker group has actually created some of the weaknesses using stolen code.
“In order to discover these vulnerabilities, a large undertaking would be required by the attackers to thoroughly reverse-engineer the compiled application,” said Symantec. “This effort would be substantially reduced if they had access to source code. The group seemingly has an unlimited supply of zero-day vulnerabilities. The vulnerabilities are used as needed, often within close succession of each other if exposure of the currently used vulnerability is imminent.”
If you download any program this coming week or have downloaded any program in the past six months, make sure to sweep your computer and associated machines with high-quality virus detection software.