Skip to main content
Tags: Sony | hackers | NKorea | phishing | Cylance

Cyber Expert: Hackers Used Fake Emails to Get Sony Passwords

By    |   Wednesday, 22 April 2015 11:37 AM EDT

New research has revealed that the North Korean hackers who launched a cyberattack against Sony Pictures Entertainment most likely used fake Apple ID emails to steal passwords from Sony's IT administrators.

Stuart McClure of the cyber security firm Cylance investigated the Sony cyberattack by looking at a database of Sony emails to figure out how the hackers made their way into Sony's system, Politico reported.

McClure discovered a series of "phishing" emails, which are used to steal passwords from unwitting victims.

"We started to realize that there was constant email around Apple ID email verification, and it was in a number of inboxes," McClure said.

These emails looked like genuine emails from Apple, notifying users that they needed to log in to Apple within 48-hours or risk getting locked out of their accounts because their account had been compromised.

McClure explained that "if you weren't really on the ball, it looked exactly like an AppleCare type of email."

After clicking the link in the email, the Sony employees were led to a website that looked exactly like an Apple website, where they were supposed to log on, using their username and password, unwittingly handing over that information to the hackers, he explained further.

From there, it looks like the hackers were able to figure out their Sony log-in information from information in their LinkedIn profiles and hoped that their passwords were the same, he added.

Because the malware that the hackers installed onto Sony's system included Sony employees' passwords, it led many at the time to suspect that someone who worked for Sony was involved in the cyberattack.

According to McClure, the hackers began sending the phishing emails in late September.

The cybersecurity expert said that he and his team tried to make sure that any Internet traffic going to ioscareteam.net was diverted, but they were stopped by the British company that hosts the website, saying that they were denied "without a subpoena."

The Sony cyberattack took place in late November, in which a large amount of data was stolen and several hard drives wiped out, crippling most of Sony's network for more than a week.

The North Korean hackers were trying to prevent the Christmas Day release of the movie "The Interview," a satire making fun of the regime's dictator Kim Jong Un.

© 2024 Newsmax. All rights reserved.


US
New research has revealed that the North Korean hackers who launched a cyberattack against Sony Pictures Entertainment most likely used fake Apple ID emails to steal passwords from Sony's IT administrators.
Sony, hackers, NKorea, phishing, Cylance
386
2015-37-22
Wednesday, 22 April 2015 11:37 AM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
 
TOP

Interest-Based Advertising | Do not sell or share my personal information

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved
Download the Newsmax App
NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved