Leave a comment

Hackers use free Google services in 'Poisoned Hurricane' attack

Usually hackers have to find a flaw to in a website or network, but in the case of "Poisoned Hurricane" they just got really creative.

The cybercriminals behind the attack used Google Developer and a free domain service called Hurricane Electric to hide its malware activity and get away with information from companies in the U.S. and Asia. Security Firm FireEye uncovered the attack when it was looking into one of the infected systems.

The compromised computers were discovered in multiple U.S. and Asian Internet infrastructure service providers, a financial institution, and an Asian government organization. FireEye did not disclose the name of the victims.

The hackers broke into company networks and installed malware to steal information. That's all pretty standard. But, then they used Google Developer and Hurricane Electric to throw network administrators off their scent. They redirected traffic from the malware through those services and used them to make it look like legitimate Internet traffic.

The malware disguised its traffic by including forged HTTP headers of legitimate domains. FireEye identified 21 legitimate domain names used by the attackers.

FireEye notified Google and Hurricane Electric about the situation and both have dealt with the situation. The way the hackers got away with the information was creative, but they couldn't have gotten started without infecting computers with malware. Protect your computer from an attack like this with the tools in my Security Center.

View Comments ()
BGPocalypse: This could be why your Internet is so slow
Previous Happening Now

BGPocalypse: This could be why your Internet is so slow

Web-surfing is the newest competitive sport
Next Happening Now

Web-surfing is the newest competitive sport