SC DOR Hackers Used 33 Pieces of Malware to Compromise 44 Systems

It all started with a phishing email sent to several employees

By on November 21st, 2012 15:22 GMT

According to a report released on Tuesday by security firm Mandiant – the one put in charge of handling the South Carolina Department of Revenue (SC DOR) data breach – the attackers have compromised a total of 44 systems by utilizing at least 33 unique pieces of malicious software.

It turns out that on August 13, the cybercriminals sent phishing emails to a number of DOR employees. At least one of them clicked on the link contained in the notification, unleashing a piece of malware capable of harvesting usernames and passwords.

From then on, the attackers obtained more and more passwords and gained unauthorized access to several servers.

Until October 19, when the DOR started executing remediation activities, the cybercriminals were free to install backdoors, steal database backups and files, and perform other malicious tasks.

A total of 74.7 gigabytes of data have been stolen by the attackers.

Mandiant is currently working with the DOR on the implementation of long-term recommendations that will protect the organization against future security breaches.

1 Comment