
FBI Warns Businesses About Malware Attack

Last week, Sony Pictures Entertainment took a nasty beating by hackers. The company saw its Twitter feeds and several of its websites taken over by a group that calls itself "Guardians of Peace." This group also left messages for Sony employees, grabbed passport copies and other employee data, and leaked a number of files and watermarked films including Annie, Fury, Mr. Turner and two others.

Both the FBI and the Department of Homeland Security are currently investigating Sony's breach, while Sony itself has hired FireEye Inc.'s forensic team, Mandiant, to help clean up the damage. The breach was bad enough to force Sony Pictures to shut down its network of computers until the damage was undone. The company's email system was expected to be back up and running on Monday.

On Monday night, the FBI emailed a five-page warning to businesses reporting that "destructive" malware is being used to attack the United States. The FBI doesn't mention Sony Pictures in its report, but instead describes the same malware that was used in the attack. The FBI also does not state how many additional attacks have been carried out.

According to the document, the malware can cripple computers by deleting all files on a hard drive, including the master boot record. This makes recovery almost impossible if the computer does not have a backup image. The FBI's warning also indicates that the malware was compiled in Korean, but doesn't specifically name North Korea as the origin.

There's speculation that the hack is tied to North Korea, as Sony Pictures is gearing up to release The Interview on Christmas Day. This comedy flick is about a talk show host who lands an interview with Kim Jong Un and is enlisted by the CIA to assassinate the North Korean leader. Naturally, Pyongyang isn't pleased and is currently not denying rumors that it is behind the Sony Pictures attacks.

Reuters reports that the FBI's document provides details about the malware and how to respond to the attack. The document also urges companies to contact the FBI immediately if they discover the malware in their systems. An FBI representative confirmed with Tom's Hardware that the "flash" warning was issued, and that this warning is nothing out of the ordinary.

"In furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations," the FBI said in an emailed statement. "This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals."

The FBI would not provide the bulletin, as it's not meant for the media.

Follow Kevin Parrish @exfileme. Follow us @tomshardware, on Facebook and on Google+.

  • Steveymoo
    I feel sorry for the employees the most. As if VFX artists don't put up with enough shit to begin with.
  • Duckhunt
    You have to watch what you click on in emails these days. The malware seems to infect buddies but the fake emails are easy to catch because they are all the same or on some time wasting scenario.