Home / / Mandiant’s hacking report hit with virus

Mandiant’s hacking report hit with virus

Consultancy firm plagued with compromised versions of ‘China cyber threat’ document

Mandiant’s hacking report hit with virus
Mandiant claimed this 12-storey building in Shanghai served as the base for a Chinese military-led hacking group.

Digital threat consultancy firm Mandiant Corp - author of the investigative report blaming Chinese military hackers for recent US cyber attacks - has itself been the victim of viruses as its own 74-page report was polluted with malware, Reuters reported on Friday.

As US officials continue to debate the implications of the report, the contents of which have been disavowed by the Chinese government, it has emerged that an unknown group tainted versions of the document and emailed them to several recipients.

Last Monday's report claimed that a Chinese hacking group known as APT1 was backed by the People's Liberation Army's Shanghai-based Unit 61398. Cyber research companies are not normally so specific in the identification of individuals involved in attacks.

Mandiant even claimed to have pinpointed the building, said to be in the Pudong financial district of Shanghai, from which 61398 had appropriated "hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006". 

Mandiant was founded in 2004 by Kevin Mandia, and claims to have worked with approximately 40% of Fortune 100 companies. It also claims that there is often a waiting list for its services.

"We tend not to take the small jobs. We take the big ones - the ones you would love to read about in the paper, but we keep them out of the paper," said Mandiant's chief security officer, Richard Bejtlich.

The company's leadership team includes former US armed services personnel and federal agents.

Responding to the compromised copies of its report the company said on its blog that its internal systems had not been breached.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.