The Securities and Exchange commission is investigating a hacker group that grabbed information from corporate leaders emails that could be used for insider trading, according to a report Wednesday.
The ring was identified in a special report called Hacking the Street? released by FireEye last year. It gave the group the name FIN4.
According to Reuters, which cited confidential sources, the SEC and the U.S. Secret Service have asked at least eight companies for details on the breaches. Many of FIN4 S targets were in health and biotech, according to FireEye.
An SEC spokesman declined to comment on the report. Our policy is that we can t confirm or deny the existence or non-existnec of investigations, said the spokesman, Kevin Callahan.
FIN4 was active at least since mid-2013 but apparently abandoned its activities after the report was released, according to a FireEye threat intelligence analyst.
We handed over all of our information to the relevant authorities and have not seen the group active since then, said Jen Weedon, a FireEye manager in threat intelligence based in Alexandria, Va. They seem to have gone dark since we released the report, she said.
Weedon said FireEye noticed them trying to target our customers and compiled dossier of everything they d done and started to notice a pattern. The group was laser-focused on hacking into email of specific employees in order to get information that would give them a trading advantage.
That included email of financial, legal, research and scientific employees who would have access to such information.
Their technique was unique and simple but brilliant, Weedon said. The hackers would inject themselves into an email conversation as if they were one of the real participants, and then forward a weaponized spreadsheet or Word document that would grab usernames and passwords when it was opened.
The hackers appeared to be native speakers of American English with a keen understanding of who to target to get sensitive information, she said. It seems like they may be based in America, but we haven t confirmed that.
Photo: FireEye logo
