Kevin Mandia believes people linked to the hackers might have attended his presentations

Oct 16, 2013 16:21 GMT  ·  By

Kevin Mandia, the CEO of IT security firm Mandiant, became famous earlier this year after the company released a detailed report on the operations of a Chinese hacker group that was allegedly backed by the People’s Liberation Army.

Since then, Mandia and his company have been in the crosshairs of hackers. The CEO has told Foreign Policy that he has received malicious PDF files purporting to represent invoices from the limo company he uses.

The limo company regularly sends Mandia PDF invoices. However, he noticed that something was amiss after receiving invoices for days on which he didn’t use the car service.

After Mandiant researchers analyzed the PDF documents, they confirmed that a malicious payload was attached to them.

Since it’s unlikely that the cybercriminals breached Mandiant’s internal networks, the most likely scenario is that individuals linked to the attackers had seen Mandia using the limo service.

“At a lot of these presentations, I'm standing here talking, and there are 10 foreign nationals from China,” he said.