Hacker News new | ask | show | jobs
by hnthrowaway0315 1000 days ago
"They routed traffic through approximately 34 servers located in nearly 20 countries to obfuscate their true location, used encrypted communication channels within Equifax’s network to blend in with normal network activity, and deleted compressed files and wiped log files on a daily basis in an effort to eliminate records of their activity."

I wonder how they managed to figure that out. Did they have to look into each of the servers?

How did they get the names?
1 comments
b112 1000 days ago
They had months to work at it. Due to Equifax's incompetence.

It should be noted, the "official" report is what investigators have been told, not what really happened behind the scenes. Naturally Equifax and its employees tried to play the poor, innocent, helpless corp, with those dastardly hackers almost mysteriously getting in.

link
hnthrowaway0315 1000 days ago
Thanks, might be my misunderstanding but I was trying to figure out how the investigators managed to figure out. Feels like the only sure way is from a leak from China, but theoretically they can also track all those servers.

The whole attack/investigation is super fascinating.

link