Kaspersky Uncovers Fresh Cyber-espionage Operation
Russia-based security company Kaspersky Lab recently exposed a highly damaging cyber-espionage campaign that stole massive volumes of high-level secret data belonging to a total of 350 unnamed major government and business entities.
According to the company, the campaign, known as Operation NetTraveler, reportedly ran in 40 or more countries. Countries with victims included the USA, the UK, Canada, China and Russia.
Various agencies and groups across the private and public sectors were infected with malware. The infected parties comprised military contractors as well as activists, embassies' research offices, government institutions, and many companies associated with infrastructure such as oil and gas production. According to Kaspersky, the toolkit was created for espionage and data theft.
The company further stated that, according to an early assessment, the command-and-control (C&C) servers of the espionage operation were used to distribute and install additional malware, as well as for uploading captured data.
The attack method is tried and tested, although unsophisticated. NetTraveler victims are infected through spear-phishing e-mails carrying Office file attachments that exploit two publicly disclosed vulnerabilities: CVE-2010-3333 and CVE-2012-0158.
Although Microsoft has issued patches for these flaws, they remain effective and are the most frequently exploited in targeted attacks. Kaspersky said that during its analysis it did not observe any advanced use of zero-day vulnerabilities or other malware techniques such as rootkits. Consequently, the company was surprised to find that such unsophisticated attacks could still succeed against high-profile targets.
The largest numbers of victims were in Kazakhstan, Russia, Mongolia and India. Six NetTraveler victims had also been hit by Red October, an earlier advanced cyber-espionage operation that Kaspersky exposed in January 2013. That does not suggest the same attackers are behind the two campaigns, however, as the two differ considerably.
Kurt Baumgartner, Senior Security Researcher at Kaspersky, said that NetTraveler's network infrastructure appeared to be designed for more widespread campaigns than that of Red October. Although both operations were highly successful, the NetTraveler group did not appear to have the same technical talent as the Red October group, Baumgartner contended, as Mashable reported on June 5, 2013.
» SPAMfighter News - 10-06-2013