The company was able to sniff out Deep Panda's targeting switch because it has provided dozens of think tanks and human rights organizations with its Falcon Host technology free of charge. Falcon Host, said Alperovitch and Meyers, gives network administrators a virtual over-the-shoulder view of hackers' moves in real time, and provides the kind of forensics information that typically takes weeks or months of painstaking research to collect.
Alperovitch declined to name the think tanks that had been targeted by Deep Panda when it shifted its aim at experts in the Middle East and Iraq.
CrowdStrike has published a technical analysis of the latest Deep Panda campaign on its website.
Sign up for CIO Asia eNewsletters.