Hackers breached security firm Bit9, then attacked its customers

Advertisement
By Reuters | Updated: 11 February 2013 19:53 IST
Hackers breached security firm Bit9, then attacked its customers
Security software maker Bit9 on Friday said that computer hackers have breached its network, then launched a second round of attacks against some of its customers.

The hackers accessed a system that Bit9 said it uses to digitally sign its software to let customers know it is safe to run on their computers. The hackers then forged Bit9's digital signature on malicious software, which they used to attack some of its customers, according to the privately held company.

Bit9 said in a blog post on Friday that it believed the hackers were able to access one of its internal systems because the company had failed to properly install its own software throughout its network.

Bit9, which has about a 1,000 customers including U.S. government agencies and major defense, energy and financial companies, is one of the leading providers of security technology known as "white listing."

Unlike traditional anti-virus software, which seeks to block malicious programs, white listing looks to protect systems from attack by only allowing computers to run programs from trusted vendors.

Advertisement

"Due to an operational oversight within Bit9, we failed to install our own product on a handful of computers within our network," Chief Executive Patrick Morley wrote on Bit9's blog. "As a result, a malicious third party was able to illegally gain temporary access to one of our digital code-signing certificates that they then used to illegitimately sign malware."

After discovering the breach, Bit9 said it identified three customers who were attacked with malicious software that was digitally signed with falsified credentials.

Advertisement

A Bit9 spokesman declined to identify the victims, describe the capabilities of the malicious software used in the attacks or say if the hackers had succeeded in harming its clients.

It is not the first time that hackers have breached a security firm as part of a sophisticated scheme to access data at one of their customers.

Advertisement

EMC Corp's RSA Security division disclosed that it was breached in 2011. Two months later hackers used information stolen about RSA's SecurID system to launch attacks against Lockheed Martin Corp.

Bit9's website said its customers include the U.S. military, intelligence agencies, five of the top 10 aerospace and defense companies in the Fortune 500, six of the top 10 petroleum refineries and three of the top 10 banks.

The company raised $35 million in funding in July from a group of investors led by Sequoia Capital. Other investors include Atlas Venture, Highland Capital Partners, Kleiner Perkins Caufield & Byers and .406 Ventures.

© Thomson Reuters 2013

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement
Popular Mobile Brands
  1. OnePlus Nord 5 and Nord CE 5 Colour Options, Key Features Leaked
  2. Poco F7 5G to Launch in India and Global Markets on This Date
  3. Trump Mobile T1 Phone With 5,000mAh Battery Announced; See Price, Features
  4. Samsung Galaxy S25 Ultra Price in India Discounted for a Limited Time
  5. OnePlus Pad Lite, OnePlus Watch 3 43mm Set to Launch on This Date
  6. Oppo K13 Turbo Pro Key Specifications Leaked Online
  7. Samsung Galaxy Watch 8 Series Design Revealed in New Leaked Renders
  8. Google Pixel 10 Series May Get a Tele-Macro Camera: All Details
  9. OnePlus 15 May Get a Big Design Overhaul
  10. ChatGPT Will Now Let You Search the Web With an Image
  1. Google Unveils India-Focused Safety Charter, Shares How It Is Using AI to Combat Online Frauds and Scams
  2. Realme Buds Wireless 5 Lite India Launch Date Set for June 23; Availability Details, Key Features Revealed
  3. Prince of Persia: Sands of Time Remake Remains "Deep" in Development, Says Ubisoft
  4. Trump Mobile T1 Smartphone With 6.8-Inch Display, 5,000mAh Battery Announced; Price, Specifications
  5. Samsung Galaxy S25 Ultra Price in India Discounted for a Limited Time: Check Offers, Availability
  6. Poco F7 5G India Launch Date Set for June 24; to Debut in Global Markets On the Same Day
  7. Meta AI App Now Shows a Warning Message to Dissuade Users from Publicly Sharing Private Chats
  8. OnePlus Pad Lite, OnePlus Watch 3 43mm to Launch on July 8 Alongside Nord 5 Series
  9. Samsung Galaxy Watch to Get Bedtime Guidance, Vascular Load Features With One UI 8 Watch Update
  10. OnePlus Nord 5 and Nord CE 5 Colour Options, Key Specifications Leaked
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.