A hacking team with unusual skill and persistence has penetrated more than 100 organizations around the world, including US defense contractors, investment banks, and security companies whose sole purpose is to defend against such attacks, according to a detailed report.
One of the best-known exploits of the so-called Hidden Lynx group was the devastating compromise of security firm Bit9 in 2012. The Waltham, Massachusetts, company provides an “application whitelisting” service that allows customers to run only a small set of approved software on their PCs and networks. By hacking into the company’s servers and stealing the private cryptographic keys Bit9 used to digitally sign legitimate apps, the intruders were able to infect more valuable targets inside military contracting firms that used the service.
Until now, little has been known about the group responsible for the Bit9 attack. A detailed report released by security firm Symantec reveals it was a highly organized gang of hackers that has breached some 100 companies and government organizations around the world since 2009. They’re dubbed the Hidden Lynx gang, based on a text string found on one of the command-and-control (C&C) servers they use to communicate with infected machines inside the organizations they compromise.