By Trent Nouveau
August 18, 2011
A massive Pastebin dump of domain names and IP addresses appears to be
linked to a Sino-cyber espionage ring.
The data - posted on August 15th by an unknown individual - lists
approximately 850 entries which are allegedly exploited to facilitate
command and control operations.
"My motivation is purely selfless in nature and I only wish the security
community to improve upon what has already been done in this realm. Most
of the security community is a fraud and continues to subsist on
half-assed analyses and bogus data. All information was compiled from
open sources and leaked information; no customer-based data was used for
the analysis," 'RSA Employee #15666' wrote in a recent Pastebin post.
"My sincerest apologies go out to those with ongoing monitoring
operations on any of the IP addresses involved. These attacks have
targeted US and Canadian companies almost exclusively for at least five
years; the tools, tactics, and procedures have changed very little
during that timeframe and continue to be extremely effective."
According to #15666, the cyber espionage ring is motivated primarily by