More details of the hack that wiped out Sony Pictures’ computer systems and resulted in thousands of internal emails and documents leaking online are emerging, almost a full year since news of the breach emerged.
One tool the researchers believe was used by the hackers is named “setMFT.” setMFT can be used by a hacker to do something called “timestomping,” which changes the dates associated with files and stops them appearing to investigators looking for evidence of a hack.
Another tool discovered was “afset,” which also timestomps files and tries to hide hacking evidence from investigators. But the researchers say the tool didn’t work completely, so it didn’t hide all the files it was supposed to.
There’s still little public evidence as to the identity of the hackers behind the attack on Sony Pictures. The US government took the unusual step of publicly accusing North Korea as being behind the hack, but it hasn’t released proof as to how it found the country was behind the crime.
The group that carried out the hack, known as “Guardians of Peace,” eventually informed Sony that the attacks were carried out to try to stop the release of “The Interview,” a Seth Rogen and James Franco comedy movie that sees the pair travel to North Korea to try to kill Kim Jong-un, the country’s leader. The movie’s release was delayed after hackers threatened cinemas with violence if they screened the film.
Business Insider Emails & Alerts
Site highlights each day to your inbox.