Hackers of Apple, Facebook Seen as Independent Group Seeking Money: Symantec

Advertisement
By Reuters | Updated: 9 July 2015 17:33 IST
A hacking group best known for breaking into top-tier technology companies Apple Inc, Facebook Inc and Twitter Inc more than two years ago is now believed to be one of a handful of highly skilled independent gangs pursuing corporate secrets for profit.

According to new research from the largest U.S. security software vendor, Symantec Corp, the group appears to be among the few that display significant talent without backing from a national government. The group stays below the radar with a small number of carefully targeted attacks.

"They are very focused, wanting everything valuable from the top companies of the world," said Vikram Thakur, a Symantec senior manager. "The only way they could use it, in our opinion, is through some financial market or by selling it."

Advertisement

Thakur said Symantec and other security companies such as FireEye Inc were tracking less than a half dozen such groups, including one called FIN4.

FIN4 has less technical skill but uses knowledge of the investment banking world and strong social engineering, or trickery, to harvest email credentials and discover material financial information. The U.S. Securities and Exchange Commission is investigating some FIN4 breaches at large, publicly traded companies.

Advertisement

Symantec said its group, which it calls Morpho, dropped out of sight for months after press accounts of the Silicon Valley breaches in early 2103 shone a light on their techniques, which included use of a previously unknown "zero-day" flaw in Oracle's Java platform.

Morpho also used a "watering hole" approach, infecting websites that were likely to attract employees of its targets as visitors. In the best-known case, a website frequented by iPhone developers was infected.

Advertisement

Some had suspected China or another country in the Silicon Valley attacks. Some of the companies breached, including Apple, said they found no evidence of data being stolen.

In a paper being released Wednesday, Symantec said Morpho came back from its absence to breach a small number of additional technology companies. It has also gone after the pharmaceutical industry and airlines, typically hitting multiple competitors in a sector and infecting a very few machines, usually in the research departments.

Advertisement

Morpho has breached about 49 organizations that Symantec knows about since 2012, with the number penetrated each year rising to 14 by 2015. The United States, Europe and Canada have the most victims.

Thakur said his team thinks the group might have about 10 members around the world, with some fluent in English and one or more perhaps having worked at an intelligence agency. They could be offering themselves for hire or could be breaking into companies on speculation and trying to sell the information or trade shares based on it.

Among the team's greatest strengths is its operational security, as it uses multiple proxies to disguise its location, employs heavy encryption where it stores digital loot, and strikes within a day or two of entry before wiping its tracks.

A break in Symantec's research came when a regular backup was made of a targeted machine during a 12-hour window when some of Morpho's custom-made navigation tools were still in use. Symantec then looked for where the same tools had been employed.

Thakur said law enforcement agencies in the United States and Europe had been apprised of Symantec's findings. An FBI spokesman did not respond to a request for comment, nor did Twitter and Facebook. An Apple spokesman declined to discuss the research.

© Thomson Reuters 2015

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Best Water-Resistant Smartphones You Can Buy in India
  2. How to Watch the FIFA World Cup 2026 Final Live Stream in India
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.