Detection is extremely difficult because of stealth rootkit capabilities, built-in functionalities and additional cyber-espionage modules. Careto intercepts all communication channels and collects the most vital information from the victim’s machine. Of course, this situation raised their interest and this is how the investigation started.įor the victims, an infection with Careto can be disastrous. The exploit provided the malware the capability to avoid detection. Kaspersky Lab researchers initially became aware of Careto last year when they observed attempts to exploit a vulnerability in the company’s products which was fixed five years ago. “This level of operational security is not normal for cyber-criminal groups.” These combine to put this APT ahead of Duqu in terms of sophistication, making it one of the most advanced threats at the moment,” said Costin Raiu, Director of the Global Research and Analysis Team (GReAT) at Kaspersky Lab. From infrastructure management, shutdown of the operation, avoiding curious eyes through access rules and using wiping instead of deletion of log files. First of all, we observed a very high degree of professionalism in the operational procedures of the group behind this attack. “Several reasons make us believe this could be a nation-state sponsored campaign. These include office documents, but also various encryption keys, VPN configurations, SSH keys (serving as a means of identifying a user to an SSH server) and RDP files (used by the Remote Desktop Client to automatically open a connection to the reserved computer). The main objective of the attackers is to gather sensitive data from the infected systems. Victims of this targeted attack have been found in 31 countries around the world – from the Middle East and Europe to Africa and the Americas. The primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organizations and activists.
#Intego mac internet security 2013 mac os x#
This includes an extremely sophisticated malware, a rootkit, a bootkit, Mac OS X and Linux versions and possibly versions for Android and iOS (iPad/iPhone). What makes The Mask special is the complexity of the toolset used by the attackers.
Today Kaspersky Lab’s security research team announced the discovery of “The Mask” (aka Careto), an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations since at least 2007. New threat actor: Spanish-speaking attackers targeting government institutions, energy, oil & gas companies and other high-profile victims via cross-platform malware toolkit Kaspersky Lab Uncovers “The Mask”: One of the Most Advanced Global Cyber-espionage Operations to Date Due to the Complexity of the Toolset Used by the Attackers That this new malware infects Android, iOS, Mac OS X, Linux and Windows. Please take note of the new malware which was reported by Kaspersky, Intego etc.
0 kommentar(er)
