Reply to post: likely true

FBI: Who was going around hijacking Barracuda email boxes? China, probably

Rainer
Holmes

likely true

I looked into this when our appliances were....visited (I am not responsible for them - I would have shut them off a long time ago, and a couple of weeks earlier, Barracuda had suffered some sort of breach for their hosted-service, which it kind-of swept under the rug....

Anyway - I took two of the IPs from the IOC-list and did some digging. At least one pointed to an ISP in Hongkong, boasting great connectivity to China - and prominently accepted various forms of crypto-payment.

I did a reverse-dns search and saw that the IP hosted a lot of domains that looked like they had been acquired from some sort of Chinese domain marketplace.

I mean, the line between "professional hackers for profit" and APT-style, government-sponsored groups is likely very thin anyway, but this one somehow had this "uncanny valley" feeling you get when something is top easy, too simple.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon