Reuters | By: Eric Auchard | Wed May 31, 2017 | 12:03pm EDT:
Veteran espionage researcher Jon DiMaggio was hot on the trail three months ago of what on the face of it looked like a menacing new industrial espionage attack by Russian cyber spies.
All the hallmarks were there: targeted phishing emails common to government espionage, an advanced Trojan horse for stealing data from inside organizations, covert communication channels for grabbing documents and clues in the programming code indicating its authors were Russian speakers.
It took weeks before the lead cyber spying investigator at Symantec, a top U.S. computer security firm, figured out instead he was tracking a lone-wolf cyber criminal.
DiMaggio won’t identify the name of the culprit, whom he has nicknamed Igor, saying the case is a run-of-the-mill example of increasing difficulties in separating national spy agency activity from cyber crime. The hacker comes from Transdniestria, a disputed, Russian-speaking region of Moldova, he said.
“The malware in question, Trojan.Bachosens, was so advanced that Symantec analysts initially thought they were looking at the work of nation-state actors,” DiMaggio told Reuters in a phone interview on Wednesday. “Further investigation revealed a 2017 equivalent of the hobbyist hackers of the 1990s.”
To read full article – please click here.