A New analysis report claims that vulnerability in RSA Secure ID that was discovered earlier this year and that brought RSA to its knees was also able to victimise a number of top US and other corporations around the globe.
760 organisations that were victims of the major cyber attack as a result of the RSA Secure ID vulnerability and have been named in the list put up by Brian Kerbs on his blog Kerbs on Security.
Up until now it was believed that RSA was the only company that was affected by the vulnerability and subsequent hack as no other company had come forward and talked publicly about whether they were also compromised.
Some of the names that are included in the list are Google, Yahoo, Microsoft, Abbot Labs, Cisco Systems, eBay, The European Space Agency, Facebook, etc. According to the analyst, the names were gathered from a command and control centre that is normally used to control botnets. No further details about the server or any analysis has been released.
There are some things that are worth noting. There are cases wherein ISPs have been listed as being hacked which might not be 100% true as ISP route the traffic and their IP addresses might have come up during the analysis because of that in the command and control centre. Names of Security vendors is another big ‘if' as security companies may have tried reverse engineering of the malware and may have let lose the infected system to check the functionality of the malware.