Be sure to read the source:
intelreport.mandiant.com/Mandiant_APT1_Report.pdf
I'm only part way through, but I find it hard to believe that
only micro$loth computers are used as the attack OS. Maybe I
haven't gotten far enough through report to find the part
where they use the *nix boxes?
scott
If I didn't miss any part of the report, no *nix is mentioned.
I'm a *nix fan, but why they (when I say they, I mean an attacker, not necessary the one in this document) should complicate their life, when all tools are available for windows os, you just have to compile them.
Cheers,
Calin
Failure to understand reality is not reality's fault.