Security researchers say they have uncovered a cyber espionage ring focused on stealing corporate secrets for the purpose of gaming the stock market, in an operation that has compromised sensitive data about dozens of publicly held companies.
Cybersecurity firm FireEye Inc, said that since the middle of last year, the group has attacked email accounts at more than 100 firms, most of them pharmaceutical and healthcare companies, said Reuters.
Victims also include firms in other sectors, as well as corporate advisors including investment bankers, attorneys and investor relations firms, according to FireEye.
"FireEye Threat Intelligence Manager Jen Weedon said the hackers only targeted people with access to highly insider data that could be used to profit on trades before that data was made public," said Reuters. "They sought data that included drafts of U.S. Securities and Exchange Commission filings, documents on merger activity, discussions of legal cases, board planning documents and medical research results, she said."
The victims ranged from small to large cap corporations. Most are in the United States and trade on the New York Stock Exchange or Nasdaq, Reuters said.
According to Reuters, the hackers don't infect the PCs of their victims. Instead they steal passwords to email accounts, then use them to access those accounts via the Internet, They expand their networks by posing as users of compromised accounts, sending phishing emails to associates, the report said.
FireEye said it believes they are most likely based in the United States, or maybe Western Europe, based on the language they use in their phishing emails, Weedon said.