Source: Mehr News Agency, Tehran
Kaspersky Internet Security Company has said that it has uncovered a massive cyber-espionage campaign targeting world, especially Iranian diplomats. Kaspersky also added the main targets as being countries in Eastern Europe, former Soviet republics and Central Asia.
“Red October” Victims map (see high resolution)
According to Kaspersky, the espionage campaign collects critical information from mobile phones, computers, laptops, PCs in ministries, and also unsecured network configurations. The collected information is transferred to a command-and-control server (similar to Flame malware). The malware is sent via Email and phishing to prearranged targets, and is installed when the target clicks on it in his system.
The espionage uses 3 exploits in Microsoft Excel and Word. The installed Trojan searches for vulnerable systems on network, and executes.dll files, and sends information to attacker server, and then cleans the footprints.
Kaspersky says the often geopolitical stolen information is taken advantage of by states rather than individuals. The information may be sold for large sums of money to any customer.
Kaspersky believes that hackers behind the campaign 'Red October' are Russian-speaking, since their victims language is Russian and their programming language is also Russian, the Chinese being the language for exploits.
... Payvand News - 01/15/13 ... --