facebook
twitter
rss
account
search
search
 

'Red October' cyberattack is identified

Jan. 14, 2013 at 4:56 PM   |   Comments

MOSCOW, Jan. 14 (UPI) -- Russian security researchers say they've uncovered a cyberattack campaign that may have been stealing confidential documents for as long as five years.

Kaspersky Labs said the malware -- designed to steal encrypted files -- targeted government entities such as embassies, nuclear research centers, and oil and gas institutes.

Kaspersky Labs' chief malware researcher, Vitaly Kamluk, said victims had been carefully selected.

"There were a quite limited set of targets that were affected -- they were carefully selected. They seem to be related to some high-profile organizations," he told the BBC.

The malware, which has been dubbed Red October, is similar to the Flame cyberattack identified last year, researchers said.

"It appears to be trying to suck up all the usual things -- word documents, PDFs, all the things you'd expect," Alan Woodward, a security expert from the University of Surrey in Britain, said.

"But a couple of the file extensions it's going after are very specific encrypted files."

Red October also has a previously unseen ability to hide on a machine as if it has been deleted, he said.

"If it's discovered, it hides. When everyone thinks the coast is clear, you just send an email and 'boof' it's back and active again."

Sixty domain names, based mostly in Germany and Russia, were created by the hackers to run the attacks, the researchers said.

© 2013 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Most Popular
1
Next week's lunar eclipse may feature the color turquoise Next week's lunar eclipse may feature the color turquoise
2
35,000 walruses haul out of ocean, crowd Alaskan shore 35,000 walruses haul out of ocean, crowd Alaskan shore
3
NASA satellite shows scope of Aral Sea disaster NASA satellite shows scope of Aral Sea disaster
4
Apple releases fix for 'Shellshock' virus Apple releases fix for 'Shellshock' virus
5
Social network Ello getting thousands of requests per hour Social network Ello getting thousands of requests per hour
Trending News
x
Feedback