Tuesday, January 12, 2010

Why Would APT Exploit Adobe?

After reading this statement from Adobe, they seem to be using the same language that described the Google v China incident:

Adobe became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies. We are currently in contact with other companies and are investigating the incident.

Let's assume, due to language and news timing, that it's also APT. Would would APT exploit Adobe? Am I giving Adobe too much credit if I hypothesize that APT wanted to know more about Adobe's product security plans, in order to continue exploiting Adobe's products?

If that is the case, who else might APT infiltrate? Should we start looking for similar announcements from other software vendors?

5 comments:

Security Shoggoth said...

I don't think you're giving Adobe too much credit. In fact, I think you're hitting it right on the head. In fact, I wouldn't be surprised if we heard from Microsoft, Cisco and Yahoo (email repository) and other similar companies.

Anonymous said...

Brian Kerbs confirmed Adobe incident is a coincident-- according to Adobe PR, of course.

Anonymous said...

Google reveals more info:
http://googleblog.blogspot.com/2010/01/new-approach-to-china.html

via:
http://isc.sans.org/diary.html?storyid=7969

Kyrka said...

Given that Intellectual Property is one of the targets, and Adobe is deeply entrenched in legal firms all over the world... Adobe makes a perfect attack vector to what they're after.

Anonymous said...

You are correct... once they have the source code they can queue up numerous zero day exploits until they are needed.