'

F-Secure reveals RSA breach exploit and email

The social-engineering attack that compromised security vendor RSA has been identified by Finnish security company F-Secure.The attack harvested data that was later used in an attack against SecureID tokens used by Lockheed Martin.

The social-engineering attack that compromised security vendor RSA has been identified by Finnish security company F-Secure.

The attack harvested data that was later used in an attack against SecureID tokens used by Lockheed Martin. The hackers used a phishing email purportedly from recruitment website Beyond.com, F-Secure chief research officer Mikko Hypponen said in a blog post on Friday.

The email contained a malicious Excel file that dropped the Poison Ivy backdoor, which gave the hackers access to RSA systems.