Major cyber-espionage operation exposed

Summary:"Operation Shady Rat" stole government secrets, sensitive corporate documents, and other intellectual property for five years from more than 70 public and private organizations in 14 countries.

A widespread cyber-espionage campaign stole government secrets, sensitive corporate documents, and other intellectual property for five years from more than 70 public and private organizations in 14 countries, according to the McAfee researcher who uncovered the effort. The campaign, dubbed "Operation Shady RAT" (RAT stands for "remote access tool") was discovered by Dmitri Alperovitch, vice president of threat research at the cyber-security firm McAfee.

While most of the targets have removed the malware, the operation continues, according to McAfee, which gained access to a crucial command-and-control server used by the attackers and has been monitoring the logs since 2006. Alperovitch has briefed senior White House officials, government agencies, and congressional staff and is working with U.S. law enforcement to shut down the operation's command-and-control server, according to Vanity Fair.

Typically, a target would get compromised when an employee with necessary access to information received a targeted spear-phishing e-mail containing an exploit that would trigger a download of the implant malware when opened on an unpatched system. The malware would execute and initiate a backdoor communication channe http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat

For more on this story, read Global cyber-espionage operation uncovered on CNET News.

Topics: Legal, Enterprise Software, Malware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.