Comment by nvm0n2

2 years ago

The whole story starts with them detecting the anomalous network traffic, so not sure what you think they did wrong.

I read it as it was going on for 4 years and they did 12 months of investigation, leaving an unknown amount of time it went undetected.

  • What they mean is there's evidence in the captured binaries and from other victims that this campaign has been running for at least four years, not that they were compromised for four years. It actually sounds like they detected their own compromise immediately.