Attackers behind March’s RSA SecurID attack apparently used the same method to try to infiltrate two U.S. national security organizations according to data recently made public by file checking site VirusTotal.
Per an IDG News Service story, the malicious Flash-laden Excel spreadsheet was uploaded to VirusTotal 16 times by 15 different sources between first hitting RSA and after the attack was publicly disclosed by RSA in mid-March.
According to the article, VirusTotal’s founder, Bernardo Quintero claims that two of the targets were organizations related to U.S. national security, yet because of the site’s inherent anonymity, he can’t divulge who exactly uploaded the tainted Excel documents.
Many have speculated that the attack on RSA, a division of EMC, eventually led to the compromise of Lockheed Martin, Northrup Grumman and L-3 Communications.
For more on this, read IDG News’ take.