Findog

Operation Red October computer espionage network targets 39 countries

In Nerds only, Polytricks on January 15, 2013 at 9:01 am

Kaspersky Lab has discovered a massive espionage malware operation targeting ‘at least’ 39 governments around the world that has been undetected for 5 years.  The details are still sketchy but the code for the operation seems to have been written by ‘Russian speaking’ coders but the attacks are similar to those first noticed against the “Free Tibet” movement.

At first glance it looks like a Chinese government operation from looking at the map.  But while most countries in Europe were hit, Britain was not?

The targets of this computer virus were embassies, research labs, military and aerospace industries.  It attacks computers, routers and smart phones.  It was very specialized in its attack using email to target specific individuals to gain access to their computer systems.  But although it was a very sophisticated operation it made some mistakes.

It was similar to the notorious Flame virus in that it set up a phoney news web site to infect computers.  But at one point it stopped executing the malicious code and instead began displaying the source code.  Another mistake was it allowed the several command and control domain names hardcoded into the malware to remain unregistered. This allowed Kaspersky researchers to obtain the Internet addresses and observe the commandeered machines.  Here is how a very similar (USG?)  virus called Flame works.

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: