New research has revealed that the North Korean hackers who launched a cyberattack against Sony Pictures Entertainment most likely used fake Apple ID emails to steal passwords from Sony's IT administrators.
Stuart McClure of the cyber security firm Cylance investigated the Sony cyberattack by looking at a database of Sony emails to figure out how the hackers made their way into Sony's system,
Politico reported.
McClure discovered a series of "phishing" emails, which are used to steal passwords from unwitting victims.
"We started to realize that there was constant email around Apple ID email verification, and it was in a number of inboxes," McClure said.
These emails looked like genuine emails from Apple, notifying users that they needed to log in to Apple within 48-hours or risk getting locked out of their accounts because their account had been compromised.
McClure explained that "if you weren't really on the ball, it looked exactly like an AppleCare type of email."
After clicking the link in the email, the Sony employees were led to a website that looked exactly like an Apple website, where they were supposed to log on, using their username and password, unwittingly handing over that information to the hackers, he explained further.
From there, it looks like the hackers were able to figure out their Sony log-in information from information in their LinkedIn profiles and hoped that their passwords were the same, he added.
Because the malware that the hackers installed onto Sony's system included Sony employees' passwords, it led many at the time to suspect that someone who worked for Sony was
involved in the cyberattack.
According to McClure, the hackers began sending the phishing emails in late September.
The cybersecurity expert said that he and his team tried to make sure that any Internet traffic going to ioscareteam.net was diverted, but they were stopped by the British company that hosts the website, saying that they were denied "without a subpoena."
The Sony cyberattack took place in late November, in which a large amount of data was stolen and several hard drives wiped out,
crippling most of Sony's network for more than a week.
The North Korean hackers were trying to prevent the Christmas Day release of the movie
"The Interview," a satire making fun of the regime's dictator Kim Jong Un.
© 2024 Newsmax. All rights reserved.