The hackers who breached leading technology companies such as Apple, Facebook and Twitter are said to be an independent group of highly skilled people. The hacking, carried out two years ago, was done to get money from these companies.
The hacking group has no support from a national government, according to recent research by Symantec Corp., the largest U.S. security software vendor, but it has remarkable skills. It is an unknown group that has carefully planned a small number of attacks.
Vikram Thakur, a senior manager at Symantec, said that the hacking group is fixated on its goal: obtaining the most valuable items from the world’s top companies. “The only way they could use it, in our opinion, is through some financial market or by selling it,” he said.
According to Thakur, FireEye Inc. and other security companies were chasing other groups such as FIN4. Although it has fewer technical skills, FIN4 is more knowledgeable about the world of investment banking and relies on vigorous social engineering or fraud to find relevant financial information and to obtain email credentials.
Some of FIN4's breaches at large, publicly traded companies are being investigated by the U.S. Securities and Exchange Commission.
Morpho, a FIN4 group, disappeared from public view for 6 months after early 2013 press reports on the Silicon Valley breaches gave clues to the group’s modus operandi, including the “zero-day” flaw in Oracle’s Java platform.
Morpho also uses a “watering hole” technique. This method infects websites that are expected to attract the targets’ employees as visitors. The best-known case was the infection of a website visited by iPhone developers.
There were suspicions that the Silicon Valley attacks were carried out by China or another country. Apple and a few of the other breached companies found no proof that their data was stolen.
After disappearing from the scene, Morpho resumed breaching a few other technology companies, Symantec said in a paper published Wednesday. Morpho targeted the pharmaceutical and airline industries. Its usual targets are numerous competitors within an industry. It infects some of these companies’ machines, especially those located in research departments.
Symantec reports that roughly 49 organizations have been breached by Morpho since 2012. The number increases every year, with most victims coming from the US, the UK, Canada and Europe.
Morpho, said Thakur, has about 10 members from all over the world. Some of the members speak English fluently while more than one has work experience at an intelligence agency.
Symantec's findings were applauded by law enforcement agencies in the U.S. and Europe. An Apple spokesman refused to discuss the results of Symantec's research. Facebook, Twitter and an FBI spokesman likewise refused to comment.