It has been discovered that the hackers who mounted the attacks on Google, Adobe and other companies recently breached, have targeted friends of employees that had access to proprietary data.
According to the Financial Times, the plan was simple: compromise the social network accounts of those friends, send messages with links that lead to spyware and so improve the chances of the victims clicking on the malicious link.
It obviously worked flawlessly. But, knowing now how they did it raises some serious points.
First, the attacks were obviously scrupulously planned. And second, the attacks included spying on people, so the likelihood of this being a government-sponsored effort has suddenly skyrocketed.
Security researchers also discovered that part of the code used in the attacks dates back to 2006, which means that attacks like these have been planned years ago.
Sobering facts, indeed.