'Red October' has been spying on WORLD LEADERS for 5 years - researchers

Security watchers have discovered a malware-based cyber-espionage campaign targeting diplomats, governments and scientific research institutions worldwide. Operation Red October has targeted Eastern Europe, former Soviet republics, and countries in Central Asia for the past five years, according to Kaspersky Lab. The attack …

COMMENTS

This topic is closed for new posts.
  1. Will Godfrey Silver badge
    Meh

    Ah yes. The benefit of a monoculture.

    Guessing games as to source. Have they not heard of the double bluff?

    1. LarsG
      Meh

      Spying?

      Spying on Governments and politicians? It would be like trying to understand and make sense of the residents in a Californian Asylum for the criminally insane.

      1. This post has been deleted by its author

      2. Anonymous Coward
        Anonymous Coward

        Re: Spying?

        @ Lars:

        California is an Asylum for the criminally insane

    2. Anonymous Coward
      Anonymous Coward

      >Guessing games as to source. Have they not heard of the double bluff?

      This one is SO OBVIOUSLY the Yanks that I'm left wondering whether it was us or the froggies.

      Merde! Sale rôti de bœuf cochon.

    3. Irongut Silver badge

      Re: The benefit of a monoculture.

      Because "The researchers said the malware also has the capability to steal data from smartphones including Android handsets, iPhones and Windows Phone mobes - including Nokia, Sony Ericsson and HTC models." clearly indicates it only infects one platform.

  2. IT Hack
    Pint

    Love it...I mean...who the fuck needs security policies let alone enforcement right?

    I reckon it was the Norks...

    Or the Frogs etc...possibly bonobos. Actually my money's on the apes.

    *cough*

    Pint coz well its all a bit much otherwise right?

    1. Anonymous Coward
      Anonymous Coward

      I think we need more information...

      Please tell us more about the hunt for Red October

      :O)

      (Disappointed you let that one slip through your fingers John!)

  3. This post has been deleted by a moderator

    1. kain preacher

      Re: another reason to use a non-MS operating system

      I was not aware that MS made Android and the iPhone.

    2. Anonymous Coward
      Anonymous Coward

      Re: another reason to use a non-MS operating system

      Whoever put together the "Eadon" script needs to tweak it so that it doesn't automatically presume that any story about a compromise is an MS story.

      1. Destroy All Monsters Silver badge
        Coat

        Re: another reason to use a non-MS operating system

        Clearly, once Eadon and RICHTO collide, they will annihilate in a burst of gamma rays the like of which the blogosphere has never seen.

        Unfortunately they do not have attractive charge, so it may take some time until that happens.

        1. Vic

          Re: another reason to use a non-MS operating system

          > once Eadon and RICHTO collide, they will annihilate

          Oh please, ohpleaseohpleaseohplease...

          Vic.

        2. Anonymous Coward
          Anonymous Coward

          Re: another reason to use a non-MS operating system

          Unfortunately they do not have attractive charge

          Yup - can't find *any* attraction there

          /me runs away quickly

        3. Anonymous Coward
          Anonymous Coward

          Re: another reason to use a non-MS operating system

          >Clearly, once Eadon and RICHTO collide...

          I'm starting to wonder if Eadon and RICHTO are one and the same... the two prongs of the same forked tongue.

      2. Anonymous Coward
        Anonymous Coward

        Re: another reason to use a non-MS operating system

        > Whoever put together the "Eadon" script needs to tweak it so that it doesn't automatically presume that any story about a compromise is an MS story.

        "malware including a Trojan dropper. Microsoft Office and Microsoft Excel vulnerabilities were exploited to infect targeted systems"

        1. Anonymous Coward
          Anonymous Coward

          Re: another reason to use a non-MS operating system

          Yes, MS office vulnerabilities used to infect Android phones.

          Err...

      3. Anonymous Coward
        Anonymous Coward

        What ever you do don't blame Windows ...

        The writer did actually manage to *not* mention Windows in relation to malware, in the whole of the article. Where it did give a mention to Windows, it was lumped in with those well-known virus vectors .. Android and iPhones. These types of reports are only of interest as to how they manage to not lay the blame squarely at the door of the blame-worthy. That such security breaches can still occur in 2013 beggars disbelief.

        1. Anonymous Coward
          Anonymous Coward

          Re: What ever you do don't blame Windows ...

          I find it funny that Android can be a vector for a virus... like it's immune but it infects Windows machines.

        2. Anonymous Coward
          Anonymous Coward

          Re: What ever you do don't blame Windows ...

          those well-known virus vectors .. Android and iPhones

          I'm intrigued - could you point me to the iPhone virus vectors? I must have missed that while on holidays and it's good to know the facts. I have tried Google but all I get are problems with jailbroken phones, which I do not consider a worry (you take that route, you have to deal with the consequences).

          Facts, please

    3. WatAWorld

      Re: another reason to use a non-MS operating system

      Did you bother to read the article?

      "The researchers said the malware also has the capability to steal data from smartphones including Android handsets, iPhones and Windows Phone mobes - including Nokia, Sony Ericsson and HTC models."

      1. John Brown (no body) Silver badge
        Pirate

        Re: another reason to use a non-MS operating system

        "Did you bother to read the article?"

        But, does it mean this malware can infect those various phones or does it look for one being plugged into a Windows PC and simply steal the data that way?

    4. Anonymous Coward
      Anonymous Coward

      Re: another reason to use a non-MS operating system

      Eadon, you really need to lay off the double espressos for a while.

      Relax. Chill. Have beer. Heck, have a whole crate. Not every mention of the word "Microsoft" deserves an immediate "BAD! BAD! EVIL!! KILL IT! STUPID IF YOU USE IT!" sort of reaction - I'm positive you could construct a more coherent set of arguments supported with facts if you didn't feel compelled to follow a sort of (if contains "Microsoft" then screech loudly) algorithm (hold your horses, coders, I haven't written code in 25 years so it's crap - just stay with the principle).

      Yes, I prefer other platforms too over Windows, but I am not going to jump into every... single... story... with... essentially the same style comments (maybe delete your templates?). Present some facts. Show a study where in an instance that relates to the story (important) Linux came out better. That would be good - everyone likes facts they can use, and I'm sure you would be able to find them (I am generously assuming you're not a mouth-frothing fanatic here).

      Otherwise you're doing nothing more than damaging that OS you apparently love so much, which would be a shame.

      Chill :)

    5. Ross K
      WTF?

      Re: another reason to use a non-MS operating system

      Durr. You think NATO and the EU are going to switch all their users to Linux?

      Oh wait, Android is Linux. What's your next suggestion?

    6. Anonymous Coward
      Anonymous Coward

      Re: another reason to use a non-MS operating system

      I have Windows at home---but I don't consider it as anything but a toy operating system---I use it for toys such as a certain Epson scanner and Steam games collection. I never use it for anything serious.

      I would never trust it in security terms either. Frightening though, that politicians are using MS Windows, apparently without proper protection.

  4. Anonymous Coward
    Anonymous Coward

    Putin, Putin, Puddin' and Pie.

    "Based on the registration data of C2 servers and the numerous artifacts left in executables of the malware, there is strong technical evidence to indicate the attackers have Russian-speaking origins,"

    Comrade, say it isn't so.

    1. Destroy All Monsters Silver badge
      Devil

      Re: Putin, Putin, Puddin' and Pie.

      More likely Chinese working with Iranians who are secretly controlled by Mossad who are financed by the US who are controlled by space lizards.

      1. Ole Juul

        Re: Putin, Putin, Puddin' and Pie.

        I think your logic accelerator needs skid control - there are no space lizards.

        1. Sir Runcible Spoon
          Coat

          Re: Putin, Putin, Puddin' and Pie.

          " there are no space lizards."

          Nope, they were all born here on Earth

  5. VeganVegan
    Happy

    Russian humor, or someone making fun of them?

    Did you see the names of the registrants of some of the C&C domains?

    Sergej Dumkovski

    Denis Dumkov

    Denis Ustuygov (used-to-gov?)

    Igor Shaven

    1. eulampios

      A sense of humour

      Dumkov and Dumkovski seem to be a variation on the same name thus might be a made-up one. Ustyugov would (Устюгов, there is a town Великий Устюг) -- again sounds artificial. Igor Shaven is the most unusual but plausible.

      However, all these people if real, might be unaware of this "Red October".

  6. Marshalltown
    Pint

    Russian?

    "Dumkov" is "Dummkopf" which is German and Ustugov looks like an English joke. Hate to say it but American or British are good bets. But spying on NATO .... hmm. That needs at least one beer.

    1. WatAWorld

      Re: Russian?

      It doesn't say they were spying on NATO, it says NATO was one of the customers of the Acid Cryptofiler product, a product that the malware could penetrate.

      I have zero doubt that the USA spies on the EU and EU nations. I have zero doubt that major EU nations spy on the USA and on each other.

      The artifacts of Russian in the code, those could have been inserted intentionally.

      And the infecting country could well have infected some of its own machines, knowing that there would be no harm in doing so.

      You would probably have to look at what commands were sent, what data was sent back, from multiple infected machines from multiple countries, to try to figure out which country was behind this.

      So this is where all those snoopy privacy destroying logs that ISPs are supposed to keep on us all are supposed to come in.

      So, do they have logs from the past few years that they can go back and look at? Or do our rulers exempt themselves from surveillance?

  7. Best Before:

    FSB 1, NATO 0

    First half result in the new electronic Cold War....

    1. P_0

      Re: FSB 1, NATO 0

      Surely whoever made this malware (assuming it is the Russians) is now 1 down and not 1 up on the enemy (NATO) since they've just been discovered.

      NATO's (or whoever) malware is still out there, undetected.

      1. Best Before:

        Re: FSB 1, NATO 0

        Nah 5 years running without detection they are definitely 1 up, I am sure they expected it to be discovered well before now.

        NATO couldn't find its bottom without a ton of bureaucratic red tape, seriously doubt they could pull off something this clever, unless of course the yanks or Israelis gave them access to the guys who came up with Stuxnet and the other clones.

        1. poohbear

          Re: FSB 1, NATO 0

          If I read between the lines of the article correctly, then the malware was looking for Cryptofiler files and sending them back home, where they can be thrown to the supercomputers for decrypting. Nice.

  8. fajensen Silver badge

    WTF - "Acid Cryptofiler"

    Is it just me or does one get the feeling that an application named like something written by "l33t Haxorz" should probably be shunned for anything more than keeping wife from finding the pr0n collection?

    What is wrong with PGP or SSH? Too boring?

    1. Anonymous Coward
      Anonymous Coward

      Re: WTF - "Acid Cryptofiler"

      Perhaps the first part of the name is a little nod at the inspiration behind the second? B-)

  9. TkH11

    Cryptofiler

    According to Wikipedia, Cryptofiler isn't used for classified information.

    1. Johan Bastiaansen
      Facepalm

      Re: Cryptofiler

      No harm done then.
