Security firm Kaspersky has discovered that, until recently, unknown malware attack on governments, scientific institutions and businesses for the past five years continues. The attack would be large amounts of data are captured.
According to the security company, the malware, the Red October has mentioned, in terms of complexity similar to the Flame virus, which, in turn, would be used against Iranian nuclear installations. The Red October malware, which consists of a combination of a virus and command-and-control servers, would be especially focused on countries in Eastern Europe and Central Asia, but also countries in West-Europe and North America were targeted. The netherlands is, according to Kaspersky not affected; in Belgium are victims: there are embassies to be infected.
The attack, which was set up via phishing e-mails, had the goal of secret documents to steal. That, among others, were captured by the authorities, but also at nuclear research institutes, the ministry of defence, the aerospace industry and companies. The attackers used existing exploits in other attacks were used. So they could make systems to penetrate.
The malware was also able to transfer data from iPhones to steal, as well as phones from Nokia and models with Windows Mobile. In addition, it enabled data to be captured from usb drives, with ‘deleted’ data were recovered. Whom the attack has been set up, is unclear, but Kaspersky thinks that it is in any case to Russian speaking persons. Also has Kaspersky indications that the attack for the past five years continues, without being noticed.
