Skip to main content

Aurora’s Attacks on Google Still Occurring

By September 10, 2012March 6th, 2023Cybersecurity

Google and more than thirty other companies were affected by a hacker organization by the name of “Aurora” over three years ago. Since then, the aggressors have only gotten stronger, formed alliances, and added new weapons to their arsenal, according to cyberattack analysts.

Aurora depends primarily on unpatched vulnerabilities known as zero-days, said the researchers at Symantec. The group pinpoints zero-day vulnerabilities and targets them before they can get patched. Though Aurora has targeted mostly search engines and larger businesses, they have ventured into energy, aeronautics, and financial services in the past few months.

“This group is focused on wholesale theft of intellectual property and clearly has the resources, in terms of manpower, funding, and technical skills, required to implement this task,” said Symantec in a blog post last week.

Symantec is calling Aurora’s new campaign the Elderwood Project. The hacking organization has started to exploit previously unknown weaknesses in popular downloadable programs such as Adobe Flash Player, Microsoft XML Core Services, and Internet Explorer. Symantec has theorized that the hacker group has actually created some of the weaknesses using stolen code.

“In order to discover these vulnerabilities, a large undertaking would be required by the attackers to thoroughly reverse-engineer the compiled application,” said Symantec. “This effort would be substantially reduced if they had access to source code. The group seemingly has an unlimited supply of zero-day vulnerabilities. The vulnerabilities are used as needed, often within close succession of each other if exposure of the currently used vulnerability is imminent.”

If you download any program this coming week or have downloaded any program in the past six months, make sure to sweep your computer and associated machines with a high quality virus detection software.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.