The Red October malware network is one of the most advanced online espionage operations that’s ever been discovered. That’s the conclusion of Moscow-based security firm Kaspersky Lab, which first discovered Operation Red October–“Rocra” for short–in October 2012. “The primary focus of this campaign targets countries in Eastern Europe, former USSR republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America,” according to research published by the security firm. The attackers, who appear to speak Russian but to have also used some Chinese-made software, seem to have focused their efforts on stealing diplomatic and government information, as well as scientific research, from not just PCs and servers but also mobile devices. The Red October attacks began in 2007, and remained active at least through Sunday, which was the day before Kaspersky Lab first publicly detailed its research into the espionage operation. In a more …
Read More »Security team finds USB smart cards hijacking malware
A team of researchers have created a proof-of-concept piece of malware that can give attackers control of USB smart card readers attached to an infected Windows computer over the Internet. The malware installs a special driver on the infected computer which allows for the USB devices connected to it to be shared over the Internet with the attacker’s computer. n the case of USB smart card readers, the attacker can use the middleware software provided by the smart card manufacturer to perform operations with the victim’s card as if it was attached to his own computer, said Paul Rascagneres, an IT security consultant at Luxembourg-based security auditing and consulting firm Itrust Consulting, last week. Rascagneres is also the founder and leader of a malware analysis and engineering project called malware.lu, whose team designed this USB sharing malware. There are already documented cases of malware that hijacks smart card devices on the local …
Read More »Smartphone malware secretly creates 3D model of your surroundings
A university experiment has proven that mobile malware can used your smartphone to remotely map the interior of your house or office. Until now, the idea that your smartphone’s camera could be used to secretly build a 3D model of your home or office, upload teh data to a remote server, and allow them to virtually snoop around your home, was the preserve of works of science fiction and fantasy. However researchers at the School of Informatics and Computing at Indiana University have shown that this is, in fact, a reality, and have created a simple camera app for the Android platform which criminals could use to remotely burgle your home or office. In a paper titled PlaceRaider: Virtual Theft in Physical Spaces with Smartphones, the researchers outline how a simple app called PlaceRaider can take dozens of photos every minute on your smartphone, analyse these along with data from the phone’s other sensors and …
Read More »