Now the Chinese Are Hacking Us Through Our Limos

[InfoSec News <alerts () infosecnews org>]

http://killerapps.foreignpolicy.com/posts/2013/10/11/always_watching_how_chinese_hackers_combine_old_and_new_espionage_tactics

By John Reed
Foreign Policy
October 14, 2013

Kevin Mandia, CEO of the cybersecurity company Mandiant, takes a lot of 
limo rides. Normally, his limo company emails him PDF copies of his 
invoices after every trip. Recently, though, something changed.

"I've been receiving PDF invoices not from them, but from an [advanced 
hacking] group back in China; that's awesome," said Mandia in D.C. 
recently. He only caught the attack when the hackers sent receipts on days 
when he hadn't used the car service. "I forwarded them to our security 
service, and they said, 'Yup, that's got a [malicious] payload.'"

Emailing a malicious file from a fake or hijacked email account belonging 
to the acquaintance of a hacker's target is a famous cyber-espionage 
tactic called spearphishing.

Hackers often search Google or social media to find the names of their 
target's friends and co-workers. They then create a fake email address in 
the name of a friend or coworker and fire off carefully written emails 
containing malware to their target.

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/