I’m a little late writing about this but, as many people now know, U.S. security and forensics firm Mandiant has released critical information regarding the Chinese state-sponsored group known as APT1. As a student of digital forensics, I find this kind of stuff very interesting. I’ve been having some great discussions on various forums with fellow (usually more experienced) security buffs in the field with regard to the 60-page report, so I thought I’d reshare the links.
APT1: Exposing One of China’s Cyber Espionage Units (Mandiant Intelligence Center)
IOCs w/ hashes as part of Mandiant’s OpenIOC Project: Digital Appendix & Indicators
So be sure to add those IOCs to a Redline collector and get scanning!