Slashdot videos: Now with more Slashdot!
The attack campaign is using a series of hacked servers as command-and-control points and researchers say that the tactics and tools used by the attackers indicates that they may be located in China. The first evidence of the campaign was an attack on Digitalbond, a company that provides security services for ICS systems. The attack begins with a spear phishing email sent to employees of the targeted company and containing a PDF attachment.
In addition to the attack on Digitalbond, researchers have found that the campaign also has hit users at Carnegie Mellon University, Purdue University and the University of Rhode Island. Also, the Chertoff Group, a consultancy headed by former secretary of Homeland Security Michael Chertoff, and NJVC, another defense contractor, have been targeted. Carnegie Mellon and Purdue both have high-profile computer security programs."
Link to Original Source