‘Red October’: another evil jew spy virus found by Kaspersky Lab

JAVA Bugs, the STUXNET Worm and the Coming Cyber 9/11

An elaborated cyber-espionage network with the potential to compete with the notorious Flame virus has been detected by the Kaspersky Lab. The malware, as the laboratory experts claim, has attacked computer systems of diplomatic, government and research agencies and corporations – including nuclear, trade and aerospace ones - in a number of countries around the globe, with Eastern Europe countries, former Soviet republics and Central Asia being in the center of attention.

The Kaspersky team has dubbed the newly discovered network as Rocra – a shortened name for Red October. They say the network is capable of stealing data from smartphones, dumping network equipment configurations, seizing files from removable disk drives, including those that had been erased, and scanning through email databases and local network FTP servers.

What distinguishes this espionage system from similar ones like Flame and Grauss, is that Rocra’s attacks are carefully prepared. Before the attack, the configuration of the victim’s hardware and software, his native language and even habit of document usage is thoroughly considered.

Information snatched by espionage networks is typically used afterwards to gain access into additional systems, the antivirus experts say.

It is still quite  a task to find out the hackers’ location, the Kaspersky team admits, as  the “mothership” control server is functioning through its proxies performing operations from more than 60 domain names and several server hosting locations in different countries – primarily in Germany and Russia, the experts add.
However, there are some hints that indicate the attackers behind the network might be of Russophone origin, as Russian words have been spotted. The  Red October has been infecting computers since at least 2007, the Kaspersky Lab revealed. The company said the investigation into the malware was performed with the support from the US Romanian and Belorusian Computer Emergency Readiness Teams.

A number of cyber espionage programs has been discovered by the Kaspersky Lab over the past few years./div> One  of the most powerful of them – Flame – was first spotted by the Russian  anti-virus giant in 2010. For years this data-snatching virus had been attacked hundreds of computers in Iran, before it was finally uncovered.

First  information about another powerful virus dubbed Gauss appeared in mid 2012. By that time it had attacked thousands of computers in the Middle East – primarily in Lebanon, but also in Israel and Palestinian territories – seizing financial transactions, emails and picking passwords to all kind of pages.

According to Kaspersky Lab’s co-founder and CEO Eugene Kaspersky, global cyber warfare tactics are becoming more sophisticated while also becoming more  threatening. Speaking at an International Telecommunication Union Telecom World conference in Dubai, the anti-virus tycoon said, "cyber warfare is in full swing and we expect it to escalate in 2013."

http://english.ruvr.ru/2013_01_15/Flame-Gauss-now-Red-October-another-powerful-spy-virus-found-by-Kaspersky-Lab//div> /body> /html>