Trend Micro explains how it analyzed the operation

Aug 28, 2013 23:41 GMT  ·  By

Trend Micro has released an infographic which shows how the company tracked the hacktivist operation dubbed OpUSA, a fairly unsuccessful campaign initiated by hackers against the US government. 

The IT security company has used information from its Smart Protection Network and the attackers themselves to examine the campaign.

In the first stage of the investigation, Trend Micro analyzed the patterns in the compromised URLs. Experts found that the hackers added their own URLs to the breached websites.

These URLs allowed the attackers to detect and verify compromised domains.

Based on this information, researchers determined that the hacktivists had hijacked some of the targeted websites 1 to 2 days before the official launch of the operation.

The hackers hid their trail by using compromised computers. On one of these “proxies,” experts identified 89 malicious files. The hijacked machine had been used to access 173 malicious websites in the past 30 days.