A Chinese hacking group tied to the breach of security company RSA two years ago has targeted a maker of audio-visual conference equipment in a likely attempt to tap into boardroom and other high-level remote meetings, according to a report from Reuters.
Security researchers at Dell Inc’s SecureWorks unit were able to monitor the computers used by the group to process communications from machines infected with software for stealing data. Although the researchers could not determine what information was being extracted, they were able to uncover many of the companies and offices unknowingly transmitting information. The compromised computers were in five different offices of a global maker of conferencing equipment, the article reports.
SecureWorks researcher Joe Stewart told Reuters that he believes the hackers were looking for the source code, which could help them find flaws to use in future attacks.
Stewart attributes the new round of attacks to a prolific Beijing-based group that he and others have studied for years. The paper only tracks one of the three dozen sophisticated malicious software programs that the group favors. That one family of code has been used in at least 64 campaigns, including the penetration of the audio-visual equipment company, Reuters reports.