MOUNTAIN VIEW, Calif., Oct. 31 (UPI) -- Unknown hackers, scoping out corporate secrets, used the malware "Poison Ivy" to reach into about 48 companies' computers, experts said Monday.
Symantec researchers told Computerworld the hacking efforts, which they dubbed "Nitro," targeted many chemical and defense firms between July and mid-September.
Poison Ivy was developed by a Chinese hacker and is easily obtained on the Internet.
"Nitro wasn't at the level of sophistication of a Stuxnet," senior Symantec researcher Jeff Wilhelm said. "But there are similarities with other advanced threats."
The computer security software company said Poison Ivy was inserted on the computers of people who opened infected e-mails, some of which appeared to be meeting requests from known business partners and others of which announced updates to anti-virus software or to Adobe Flash Player.
Opening the messages installed Poison Ivy on their machines.
The hackers then searched the compromised computers for confidential information and downloaded it elsewhere.
Twenty-nine of the firms whose computers were breached were in the chemical and advanced materials trade, Computerworld said. The remainder were in the defense and other industries.
A dozen of the companies are based in the United States, five in the United Kingdom and others in Denmark, Italy, the Netherlands and Japan, the magazine said.
Symantec said it contacted an individual going by the name "Covert Grove" who owned one of the command-and-control servers. Symantec said the server was located in China's Hebei province, which surrounds Beijing.
"We were able to trace this back to this individual, which is unusual," said Wilhelm. "But we just don't know whether he is the sole hacker.
"It could have been corporate espionage, or it could be anything."