Shacknews got some more details on the recent Half-Life 2 source leak from Gabe Newell (thanks Blues). Here is a clip:
1) We've taken our network connection down to pretty much a minimum. We're still finding machines internally that have been compromised.
2) The suite of tools that the attacker was using included the modified version of RemotelyAnywhere (basically a Remote Desktop-style remote admin tool), Haxker Defender (a process, registry key and file hiding tool), the key logger, and various networking utilities that allowed them to transfer files (compressors, NetCat, and FTP). We also are pretty sure they were sniffing our network to gather passwords and other information. Haxker Defender includes a file system driver that allows an attacker to have stuff on your machine that is invisible, unless you do something like mount the drive under another OS that has NTFS support.
We have determined one way of detecting some infected machines, which is using a connection viewer to detect connections to anomalous hosts external to our network.
We still don't know their entry method.
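The connection-viewer check described in the quote above, sketched as an added example; it is not part of the original post and not Valve's tooling. The internal ranges, the allowlisted host and the sample `netstat -ano` output are constructed assumptions.

```python
import ipaddress

# Assumed internal ranges and expected external hosts (both hypothetical).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
EXPECTED_EXTERNAL = {ipaddress.ip_address("198.51.100.25")}  # e.g. a known mail relay

# Constructed sample in the layout of Windows `netstat -ano` output.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    10.1.4.22:1045         10.1.0.5:445           ESTABLISHED     4
  TCP    10.1.4.22:1071         198.51.100.25:25       ESTABLISHED     1820
  TCP    10.1.4.22:1093         203.0.113.77:21        ESTABLISHED     2264
  TCP    10.1.4.22:2000         203.0.113.77:4000      TIME_WAIT       0
  UDP    10.1.4.22:137          *:*                                    4
"""

def split_endpoint(endpoint):
    """Split 'host:port' (IPv6 hosts may be bracketed) into (ip, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def anomalous_connections(netstat_text):
    """Return established TCP connections to hosts that are neither internal nor expected."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue  # header, listeners, closing sockets, UDP
        try:
            remote_ip, remote_port = split_endpoint(fields[2])
        except ValueError:
            continue  # unparseable endpoint such as '*:*'
        if any(remote_ip in net for net in INTERNAL_NETS):
            continue
        if remote_ip in EXPECTED_EXTERNAL:
            continue
        findings.append({"local": fields[1], "remote": str(remote_ip),
                         "port": remote_port, "pid": int(fields[4])})
    return findings

if __name__ == "__main__":
    for finding in anomalous_connections(SAMPLE):
        print(finding)
```

Running the same check over connection records collected at the network edge avoids relying on what a possibly compromised host reports about itself.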
'Half-Life 2' - Source Leak Update
by Thomas on Oct. 5, 2003 @ 2:15 a.m. PDT
In Half-Life 2 the player again picks up the crowbar of research scientist Gordon Freeman, who finds himself on an alien-infested Earth being picked to the bone, its resources depleted, its populace dwindling. Freeman is thrust into the unenviable role of rescuing the world from the wrong he unleashed back at Black Mesa. And a lot of people he cares about are counting on him.