Subscribe free to our newsletters via your
. 24/7 Space News .

Kaspersky finds 'Red October' virus targeting EEurope
by Staff Writers
Paris (AFP) Jan 14, 2013

Kaspersky Lab said Monday it had identified a new computer virus it dubbed "Red October" targeting eastern European countries that appeared to be collecting classified files using NATO and EU encryption.

"The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America," said the maker of anti-virus software in a statement.

Kaspersky Lab said "there is strong technical evidence to indicate the attackers have Russian-speaking origins."

Red October, which has been active since at least 2007, appears to collect files encrypted with software used by several entities from the European Union to NATO, it added.

Kaspersky said Red October also infected smartphones and collected login information to test on other systems.

Red October has what Kaspersky Lab called a unique "resurrection" module that hid in Adobe Reader and Microsoft Office programmes that allowed the attackers to regain access if the virus was discovered and removed.

In addition to diplomatic and governmental agencies of various countries across the world, Red October also targeted research institutions, energy and nuclear groups, and trade and aerospace targets, added Kaspersky Lab.

Founded in 1997, Kaspersky Lab employs more than 2,300 specialists and is a leading IT security and anti-virus software company.

'Red October' cyberattack is identified
Moscow (UPI) Jan 14, 2013 - Russian security researchers say they've uncovered a cyberattack campaign that may have been stealing confidential documents for as long as five years.

Kaspersky Labs said the malware -- designed to steal encrypted files -- targeted government entities such as embassies, nuclear research centers, and oil and gas institutes.

Kaspersky Labs' chief malware researcher, Vitaly Kamluk, said victims had been carefully selected.

"There were a quite limited set of targets that were affected -- they were carefully selected. They seem to be related to some high-profile organizations," he told the BBC.

The malware, which has been dubbed Red October, is similar to the Flame cyberattack identified last year, researchers said.

"It appears to be trying to suck up all the usual things -- word documents, PDFs, all the things you'd expect," Alan Woodward, a security expert from the University of Surrey in Britain, said.

"But a couple of the file extensions it's going after are very specific encrypted files."

Red October also has a previously unseen ability to hide on a machine as if it has been deleted, he said.

"If it's discovered, it hides. When everyone thinks the coast is clear, you just send an email and 'boof' it's back and active again."

Sixty domain names, based mostly in Germany and Russia, were created by the hackers to run the attacks, the researchers said.


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.

Share this article via these popular social media networks DiggDigg RedditReddit GoogleGoogle

Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News

Oracle patches dangerous Java holes
San Francisco (AFP) Jan 14, 2013
Oracle on Monday was distributing a patch for Java software flaws deemed so dangerous that the US Department of Homeland Security said that people should stop using it. "Oracle recommends that this Security Alert be applied as soon as possible because these issues may be exploited 'in the wild' and some exploits are available in various hacking tools," Oracle's Eric Maurice said in a blog po ... read more

Mission would drag asteroid to the moon

Russia designs manned lunar spacecraft

GRAIL Lunar Impact Site Named for Astronaut Sally Ride

NASA probes crash into the moon

Mars One announces requirements for Red Planet colonists

Opportunity Heading Toward Light-Toned Veins

Bacteria In Rio Tinto Could Be Like Those On Mars

Mars500 project - salt balance of the Mars 'astronauts'

AXE to Send 22 Guys to Space with New Apollo Campaign

IBM tops as tech titans scramble for US patents

Chinese tech firms pump up volume at CES

High fashion, high tech intersect at CES confab

Mr Xi in Space

China plans manned space launch in 2013: state media

China to launch manned spacecraft

Tiangong 1 Parked And Waiting As Shenzhou 10 Mission Prep Continues

Crew Wraps Up Robonaut Testing

Station Crew Ringing in New Year

Expedition 34 Ready to Ring in New Year

New ISS crew docked at Space Station

Roscosmos Releases Report On Proton Launch Anomaly

Russia plans replacement for Soyuz rocket

Arianespace's industry leadership will continue with 12 launcher family missions planned in 2013

Arianespace addresses The Insurance Institute of London

Earth-size planets common in galaxy

NASA's Hubble Reveals Rogue Planetary Orbit For Fomalhaut B

NASA, ESA Telescopes Find Evidence for Asteroid Belt Around Vega

Kepler Gets a Little Help From Its Friends

Study reveals ordinary glass's extraordinary properties

Bottom-up approach provides first characterization of pyroelectric nanomaterials

Chemical modules that mimic predator-prey and other behaviors

Government funding for 'super-material'

The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA Portal Reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement,agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement