The Operations of a Cyber Arms Dealer

An anonymous reader writes "FireEye researchers have linked eleven distinct APT cyber espionage campaigns previously believed to be unrelated (PDF), leading them to believe that there is a shared operation that supplies and maintains malware tools and weapons used in them. The eleven campaigns they tied together were detected between July 2011 and September 2013, but it's possible and very likely that some of them were active even before then. Despite using varying techniques, tactics, and procedures, the campaigns all leveraged a common development infrastructure, and shared — in various combinations — the same malware tools, the same elements of code, binaries with the same timestamps, and signed binaries with the same digital certificates."