Security Protection – Harry Waldron MVP Rotating Header Image

Red October – Advanced Cyber-Espionage malware

This article documents the growing trend of highly advanced and targeted Cyber-Espionage malware

http://redtape.nbcnews.com/_news/2013/01/14/16507760-red-october-is-latest-super-cyberspy-virus-firm-says

QUOTE: A Russian computer security firm says it has uncovered a new, far-ranging cyberspying campaign that targets government secrets. The firm, Kaspersky Labs, has tantalizing named the malicious software behind the attack “Red October,” a nod to the famous Tom Clancy novel. Red October has been attempting to steal critical, secret documents since at least 2007, Kaspersky said in a report posted to its website Monday. It’s designed to defeat a common encryption scheme that’s used by NATO and government agencies, Kaspersky says. It’s also capable of stealing data from mobile phones, and has a “resurrection” module that allows the program to reinstall itself even if detected and removed.

Red October infections aren’t widespread, the firm says — only “several hundred” have been found so far. But the virus isn’t designed for high infection rates, but rather to spy on specific, high-value targets, it said. The highest infection rates were in Russia, Kazakhstan and Azerbaijan, Kaspersky said, suggesting Eastern Europe and former Soviet republics were the main targets of the virus writers. There were a handful of infections in Belgium, the U.S., and Switzerland, however, hinting that the virus writers might not be driven by geopolitics

Comments are closed.