With innovative technologies springing up every minute, hackers have also left no stones unturned to dig out new technologies to creep in and loot the substantial data. Theft of secret data corresponding to RSA SecurID tokens has recently emerged as a serious security threat. These SecurID tokens were used by 40 million RSA employees for accessing sensitive networks. The data theft was performed with the help of an e-mail. The e-mail was designed to intrude through the RSA defense and steal secret information related to SecurID. The e-mail came out as a 13-word message, as evidences unveil. The mail, sent to four employees of RSA parent company EMC, stated, “I forward this file to you for review.” “Please open and view it.” This e-mail was unleashed by Timo Hirvonen, one of the researchers of F-Secure.
The theft has generated awareness and increased security concerns among the forensic and malware experts. According to the RSA report, the invaders had sent two different phishing e-mails on consecutive days to a group of lower-level employees. The messages were scripted to seek attention of the employees and entrap them, by asking them to retrieve the mail from their junk folder and open the attached excel file. The excel file contained malicious Adobe Flash object, named 2011 Recruitment plan.xls. When the file was opened, it installed the Poison Ivy backdoor on the user's computer.
The origins of such e-mails are still sought after by the researchers, who are extra vigilant and would soon implement improved security measures to keep the data hacking instruments at bay.