Cyber ring stole secrets for gaming US stock market: FireEye


  • TECH
  • Tuesday, 02 Dec 2014

SOPHISTICATED ATTACK: Cybersecurity firm FireEye Inc says it has uncovered a cyberespionage ring focused on stealing corporate secrets for the purpose of gaming the stock market.

BOSTON: Security researchers say they have uncovered a cyberespionage ring focused on stealing corporate secrets for the purpose of gaming the stock market, in an operation that has compromised sensitive data about dozens of publicly held companies. 

Cybersecurity firm FireEye Inc, which disclosed the operation on Monday, said that since the middle of last year, the group has attacked email accounts at more than 100 firms, most of them pharmaceutical and healthcare companies. 

Victims also include firms in other sectors, as well as corporate advisors including investment bankers, attorneys and investor relations firms, according to FireEye. 

The cybersecurity firm declined to identify the victims. It said it did not know whether any trades were actually made based on the stolen data. 

Still, FireEye Threat Intelligence Manager Jen Weedon said the hackers only targeted people with access to highly insider data that could be used to profit on trades before that data was made public. 

They sought data that included drafts of US Securities and Exchange Commission filings, documents on merger activity, discussions of legal cases, board planning documents and medical research results, she said. 

"They are pursuing sensitive information that would give them privileged insight into stock market dynamics," Weedon said. 

The victims ranged from small to large cap corporations. Most are in the United States and trade on the New York Stock Exchange or Nasdaq, she said. 

An FBI spokesman declined comment on the group, which FireEye said it reported to the bureau. 

The security firm designated it as FIN4 because it is number 4 among the large, advanced financially motivated groups tracked by FireEye. 

The hackers don't infect the PCs of their victims. Instead they steal passwords to email accounts, then use them to access those accounts via the Internet, according to FireEye. 

They expand their networks by posing as users of compromised accounts, sending phishing emails to associates, Weedon said. 

FireEye has not identified the hackers or located them because they hide their tracks using Tor, a service for making the location of Internet users anonymous. 

FireEye said it believes they are most likely based in the United States, or maybe Western Europe, based on the language they use in their phishing emails, Weedon said. 

She said the firm is confident that FIN4 is not from China, based on the content of their phishing emails and their other techniques. 

Researchers often look to China when assessing blame for economically motivated cyber espionage. The United States has accused the Chinese government of encouraging hackers to steal corporate secrets, allegations that Beijing has denied, causing tension between the two countries. 

Weedon suspects the hackers were trained at Western investment banks, giving them the know-how to identify their targets and draft convincing phishing emails. 

"They are applying their knowledge of how the investment banking community works," Weedon said. — Reuters

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
   

Next In Tech News

As of iOS 14.4, Apple lets you get more volume out of your iPhone
Need a professional photo? In pandemic times, you can do it yourself
Biden revokes Trump order that sought to limit social media firms' protections
Stock photography: Tips for turning your photos into cash
'Chaos Monkeys' author calls Apple's statement on his departure defamatory
TeamViewer adds 2FA for extra security on Windows
Vivaldi browser wants to end annoying 'accept cookies' banners
Ransomware gangs disrupted by response to Colonial Pipeline hack
Exclusive: Personal finance startup NerdWallet files for U.S. IPO - sources
Facebook to defend itself against 'damaging' Irish data privacy probe

Stories You'll Enjoy


Vouchers