"[T]hey didn't disappear...not at all," Guerrero-Saade said bluntly this week. In fact, the attackers appear to be behind attacks on a nuclear power plant operator in South Korea and Samsung, and the "digital crumbs" include some re-used passwords, code, and some other small lists.
The investigators began by looking at samples of the 'Destover' malware that wrecked critical data on the hacked Sony computers and then used proprietary methods to find similarities in other attacks.
Wired has an excellent run through of the researchers methods, and a critical update to anyone interested in the Sony Pictures hack.
Written by: Andre Yoskowitz @ 13 Feb 2016 18:15