|
CNBC'S MOST SHARED
- Investing in Tech Now
- Warren Buffett Tells CNBC Consumer Sales Remain "Very, Very Soft"
- Software Giants Rush to Cash In on Carbon Counting
- Preparing for Retirement
- What You'll See On My NASCAR Documentary Tonight
- Warren Buffett's Complete Sun Valley CNBC Interview - Transcript and Video
- Microsoft Plays a Game of Bing Pong
- How exactly does Twitter plan on making money?
- Playing by Different Rules
- Nikkei on Track to Break 6-Day Losing Streak
- GM CEO Vows Leaner and Better Company To Emerge
- GM CFO Young: No Positive Cash Flow Until 2009
- Consumers' Mood Sours in Early July
- World Has Avoided Economic Disaster, Obama Says
- Less Demand for Fed's Emergency Backstops
- Obama Struggles With His Healthcare Overhaul
- Claims Total Over 15,400 in Fraud by Madoff
- UBS Can't Comply with US Request: Internal Memo
- Cisco Cutting up to 2,000 Jobs, Analyst Says
- Schork Oil Outlook: It’s Now or Never for the Bulls
- Social Networking's 'Naked' Truth
- Farrell: Let's Enjoy the Numbers for a Moment
- Call Of Shame - Vote Now
- Schmidt on Social Media, Ads and Hulu
- 15 Stocks to Consider
- Maximum Bob Goes Full Throttle For GM
- Najarian: Options Get Bullish on Cisco
- Sun Valley on Social Media
Hackers stole information from the U.S. Department of Transportation and several U.S. corporations by seducing employees with fake job-listings on ads and e-mail, a computer security firm said on Monday.
The list of victims included several companies known for providing security services to government agencies.
They include consulting firm Booz Allen, computer services company Unisys Corp. [UIS
Loading...
()
] , defense contractor L-3 Communications, computer maker Hewlett-Packard [HPQ
Loading...
()
] and satellite network provider Hughes Network Systems, a unit of Hughes Communications [HUGH
Loading...
()
] , said Mel Morris, chief executive of British Internet security provider Prevx.
Hewlett-Packard declined comment, while officials with other companies couldn't be reached for comment. A Department of Transportation spokeswoman said the agency couldn't find any indication of a security breach.
Malicious programs were able to pass sophisticated security systems undetected because that software hadn't been instructed that they were dangerous. Hackers only targeted a limited group of personal computers, which kept traffic down and allowed them to stay under the radar of security police who tend to identify threats when activity reaches a certain level.
"What is most worrying is that this particular sample of malware wasn't recognized by existing antivirus software. It was able to slip through enterprise defenses," said Yankee Group security analyst Andrew Jaquith, who learned of the breach from Morris.
It was not clear whether the hackers used information stolen from the personal computers, Morris said.
Internet security firms began to release patches to fight the malicious software on Monday night.
Internet Security
Trend Micro [TMIC
Loading...
()
] , for example, has sent its customers software that prevents the malware from being installed on computers. It also blocks browsers from going to Web sites that the company has identified as being infected with the dangerous programs, said company spokesman Mike Haro.
"This is a serious threat. It shows how sophisticated hackers have become," Haro said.
A piece of software, NTOS.exe, probes the PC for confidential data, then sends it to a Web site hosted on Yahoo! [YHOO
Loading...
()
] . That site's owner is likely unaware that it is being used by hackers, Morris said.
That Web site hosts data that had been stolen from more than 1,000 PCs and encrypted before it was posted on the site, according to Morris.
He said that he believes the hackers have set up several "sister" Web sites that are collecting similar data from other squadrons of malware.
Officials with Yahoo weren't available for comment.
Morris said that he had downloaded the data from the Web site and decrypted it at the request of investigators from the FBI's Law Enforcement Online, or LEO, program, who were looking into the matter.
An FBI spokesman declined comment, saying it is agency policy to neither confirm nor deny whether an investigation is ongoing.









