Symantec: Black Vine Behind Hack Of 70 Million Records At Anthem

On Wednesday, Symantec identified the Chinese gang known as Black Vine as the group behind the 2015 hacking attack on Anthem, the second-largest U.S. health insurer.

The hacking incident, which is considered the biggest of its kind, took place in February and resulted in more than 70 million stolen personal records, The Register reported.

Symantec revealed its findings in a document created after months of research, providing insight into the nature of the Black Vine group and its activities. The investigation covered hacking attacks from 2012 to the present, demonstrating persistent and sophisticated cyber espionage and hacking activities that target "gas turbine manufacturers, large aerospace and aviation companies, healthcare providers, and more," Symantec explained.

Black Vine consistently develops malware and uses it to infect targets all over the world, particularly in China, Canada, Italy, Denmark and India. The U.S., however, remains its number one target, attracting the bulk of its activities. The malware that triggered the Anthem hacking was identified by Symantec as Mivast.

One critical piece of information in the Symantec study involves the emerging incidence of information sharing among hackers. "If the attackers are beginning to collaborate and share malicious code, they're reaching a stage where it's not very different from organized crime. There's something tying them all together, which is something more than money," Vikram Thakur, senior security researcher at Symantec, told Ars Technica.

Experts believe that the degree of sophistication in Black Vine's hacking record points to a well-financed group, given its capability to sustain weaponized exploits for zero-day vulnerabilities in web browsers.
