Subscribe free to our newsletters via your
. 24/7 Space News .

Russian cyberlab discovers new virus
by Staff Writers
Moscow (UPI) Jan 17, 2013

disclaimer: image is for illustration purposes only

Russia's Kaspersky Labs has uncovered the "Red October" computer virus, used for cyberespionage.

Kaspersky Labs said the Red October malware has been trolling the Internet for the past five years, targeting sensitive information from government departments and major companies worldwide in more than a dozen nations.

According to Kaspersky Lab, the ultimate manager of the Red October network is currently unknown, but traces uncovered in the virus source code point to several countries.

Kaspersky Lab first discovered the carefully hidden Red October coding in late 2012, and as the source program was decrypted, the specialists came to believe that the program was designed to infiltrate targeted computers worldwide. Subjects selected for hacking included government organizations, embassies, military installations, financial corporations and research institutes.

The carefully selected targets were the hard drive contents of computers of institutions deemed strategically important, with Red October seeking classified information, scientific research, and military secrets, Golos Rossii radio station reported on Wednesday.

The biggest question facing Kaspersky Lab analysts is who created the cyberweapon. Kaspersky Lab experts have come to the conclusion that the malware was created by a working group of several dozen programmers. Analyzing the more than 60 network addresses to which the purloined data was sent, the analysts found that the bulk of the host servers for the received data are located in Germany and the Russia Federation, concluding further on the code's development that Russian slang used by Russian software developers was found in the malware's source code.

The Red October Trojan malware exploited security vulnerabilities of popular business software, such as Microsoft Office and Adobe products, with one infected computer being sufficient to compromise an organization's entire computer network.

The Red October cyber criminals used phishing methods to target computers, compromising specific users with access to targeted networks via email, with each attack carefully planned with the malware being specifically reprogrammed for each user.

Kaspersky Lab discussed Red October in detail on its website, reporting that "To determine the victims of cyberespionage Kaspersky Lab experts analyzed data from two main sources: a cloud service Kaspersky Security Network (KSN) and sinkhole-servers for monitoring infected machines overlooking the communication with the command servers

KSN statistics helped discover hundreds of unique infected computers, most of which belonged to embassies, consulates, government agencies and research institutes. A significant part of infected systems was found in Eastern Europe. Sinkhole-server data were obtained during the period from 2 November 2012 to 10 January 2013. During this time there were more than 55,000 connections with 250 infected IP-addresses registered in 39 countries. Most connections from infected IP-addresses were recorded in Switzerland, Kazakhstan and Greece."

Perhaps the most ominous aspect of the Kaspersky Lab analysis is that the malware contains a

"recovery module," allowing operators "to 'resurrect' the infected machines. The module is built as a plug-in for Adobe Reader and Microsoft Office, and provides a second attacker access to the system if the main malware was detected and removed or if there was a system update."


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.

Share this article via these popular social media networks DiggDigg RedditReddit GoogleGoogle

Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News

Global Web censors use devices from US firm: study
Washington (AFP) Jan 17, 2013
Authoritarian regimes around the world are using technology from a Silicon Valley firm for Internet surveillance, filtering and censorship, according to a report by Canadian researchers. The report this week from the University of Toronto's Citizen Lab said devices from California-based security firm Blue Coat Systems were being used in China, Russia, Venezuela and other countries with "a hi ... read more

US, Europe team up for moon fly-by

Russia to Launch Lunar Mission in 2015

US, Europe team up for moon fly-by

Mission would drag asteroid to the moon

Choosing the right people to go to Mars

ChemCam follows the 'Yellowknife Road' to Martian wet area

Mars image suggests ancient water flow

NASA Mars Rover Preparing to Drill Into First Martian Rock

Mathematical breakthrough sets out rules for more effective teleportation

Orion Teamwork Pays Off

Unilever Buys 22 Flights On XCOR Lynx Suborbiter For AXE Campaign

Iran renews plan to send monkey into space: reports

China to launch 20 spacecrafts in 2013

Mr Xi in Space

China plans manned space launch in 2013: state media

China to launch manned spacecraft

ESA workhorse to power NASA's Orion spacecraft

Competition Hopes To Fine Tune ISS Solar Array Shadowing

Embassy Gathers Elite Group of Space Policy Chiefs

NASA, Bigelow Officials to Discuss ISS Expandable Module

Africasat-1a to launch on first Ariane 5 launch in 2013

Roscosmos Releases Report On Proton Launch Anomaly

Russia plans replacement for Soyuz rocket

Arianespace's industry leadership will continue with 12 launcher family missions planned in 2013

Earth-size planets common in galaxy

NASA's Hubble Reveals Rogue Planetary Orbit For Fomalhaut B

NASA, ESA Telescopes Find Evidence for Asteroid Belt Around Vega

Kepler Gets a Little Help From Its Friends

New surfaces repel most known liquids

Sustainable reinforcement for concrete has newly discovered benefits

ECAPS signs contract with Skybox for complete propulsion system

Boeing Grows Composite Manufacturing Capability in Utah

The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA Portal Reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement,agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement