The FBI is warning that members of the hacktivist group Anonymous hacking collective have secretly accessed US Government computers and stolen sensitive information in a campaign that began almost a year ago.
The Hacktivists have exploited a flaw in Adobe applications to compromise the target systems and install software backdoors to maintain the control of the victims computers over the time, the facts dated back to last December, according to a Reuters report.
The hacking campaign affected the U.S. Army, Department of Energy, Department of Health and Human Services, and other government agencies, FBI reveals.
The Federal Bureau of Investigation memo called the hacking campaign "a widespread problem that should be addressed." and provided useful information for system administrators that how to determine if their networks were compromised.
Government investigators are investigating the scope of the hacking, believed that hackers are still operating under coverage.
"According to an internal email from Energy Secretary Ernest Moniz' chief of staff, Kevin Knobloch, the stolen data included personal information on at least 104,000 employees, contractors, family members and others associated with the Department of Energy, along with information on almost 2,0000 bank accounts. The email, dated October 11, said officials were "very concerned" that loss of the banking information could lead to thieving attempts." states Reuters post.
It seems that the hacking campaign was linked to the case of Lauri Love, a British resident indicted on October 28 for allegedly breaking into computers at the Department of Energy, Army, Department of Health and Human Services, the U.S. Sentencing Commission and elsewhere.
Law enforcement sustains that attacks began when Love and other members of the group of hacktivists exploited a security flaw in Adobe's ColdFusion application, of course Adobe spokeswoman declined any responsibility and declared that similar attacks are possible only if targeted systems are not updated with the latest security patches.
Law enforcement confirmed that some of the stolen information on the latest campaign had previously been disclosed by Anonymous members during the "Operation Last Resort."
Despite the earlier disclosures, "the majority of the intrusions have not yet been made publicly known," "It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed." the FBI wrote.
The cyber espionage campaigns conducted by Anonymous are the reply to the arrests of popular hackers linked to the collective linked to US retaliation strategy against hackers.
Consider hacktivism a transitory phenomena are dangerous, underestimate the capabilities of groups like Anonymous is a serious error and the FBI memo is an important warning for Governments and IT community ... Anonymous is alive and could hit every target in every moment!