back to article Securo-boffins link HIRED GUN hackers to Aurora, Bit9 megahacks

Security researchers have linked the “Hackers for hire” Hidden Lynx Group with a number of high-profile attacks, including an assault on net security firm Bit9, as well as the notorious Operation Aurora assault against Google and other hi-tech firms back in 2009. Hidden Lynx is a sophisticated hacking group based in China and …

COMMENTS

This topic is closed for new posts.
  1. Antony Riley
    Black Helicopters

    Chinese Hacking Group?

    Symantec were a lot more careful and stated "Much of the attack infrastructure and tools used during these campaigns originate from network infrastructure in China.", which is quite a careful statement which deliberately avoids the implication that the group itself is Chinese.

    This is quite a long way from what was stated in the article "Hidden Lynx is a sophisticated hacking group based in China...".

    Given the recent NSA kerfuffle, I thought we'd all gotten over the idea that all ne'er-do-wells on the net hail from China or Russia.

    1. Alan Brown Silver badge

      Re: Chinese Hacking Group?

      Seconded.

      A group of the level of Hidden Lynx knows more than enough to well and truely obscure its path and it just so happens that a lot of chinese network infrastructure is badly secured (personal experience whilst tracking activities of script kiddies whose location I DID know).

      The group could be Chinese. It could just as easily be Albanian, Russian, Bulgarian, Romanian or based in the Good Ol' US of A. Given the level of the pun I'd say at least some of the people involved are native english speakers.

      1. Destroy All Monsters Silver badge

        Re: Chinese Hacking Group?

        Thirded. Could be real Chinamen, but might as well be standard Kerrybait.

      2. danR2

        Re: Chinese Hacking Group?

        With 50-100 experts, one or several of them may be near-native English speakers with a lot of social and net-savvy jargon providing a false front appearance.

        Even the small, informal lulzSec had Jake Davis doing a lot of the 'talking' (although there was no intention of linguistic misdirection), and lacing the content with Briticisms, but the core leader was American Sabu.

  2. url

    does this mean that

    So Mandiant uncovered Unit 63XXX got photos of the building they operate from, and weren't able to see this group?

    At this juncture is seems as likely as not that most APT is NSA, CIA, TLA either in actuality or co-opting whomever will get their hands dirty.

    (see also - today's relaxing of embargo to provide weapons to whomever in Syria)

This topic is closed for new posts.