Rocra malware spies on governments

By on
Rocra malware spies on governments

Kaspersky details its hunt for "Red October".

Kaspersky Labs has released a report into its discovery of a complex, active malware kit that appears to have beem used over the past five years to spy on diplomatic missions and government agencies around the world.

Named Rocra - which is short for Red October - the malware steals user and network credentials, files, Outlook email storage files as well as messages from POP/IMAP mail servers and data from FTP file servers. The malware also contains modules designed to steal data from Windows Mobile, iPhone and Nokia devices.

Kaspersky used time-stamps on the malware executables to trace its use back to 2007. The researchers said Red October was discovered in October last year and rivals the Flame malware in complexity and ability.

Kaspersky engineers believe the malware targets Eastern European, former USSR countries and Central Asian nations. Western European and and North American countries have also been in the firing line.

At this time, there is no evidence linking Red October to any particular country, but Kaspersky Labs notes the exploits in Red October that target Microsoft Word and Excel seem to have been created by Chinese Hackers and malware modules by Russian-speaking coders.

Red October has been active in attacking trade, research, nuclear power and energy institutions, oil and gas companies as well as aerospace enterprises and the military.

Over sixty domain names were used by the attackers  to control the malware and to collect the data it steals, with Internet Protocol addresses geolocated mostly in Russia and Germany, the report noted. By monitoring some of the attackers' domains, Kaspersky was able to record around 55,000 connections from 250 different IP addresses.

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
Flash is heading towards its grave, and that's...
Great! Good riddance
Sad! Flash had some good qualities
Irrelevant. I don't care
What's Flash?
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?