Hostwinds Blog

Search results for:


Kaspersky Lab researchers recently released a paper which revealed a five-year "_cyber espionage operation that used highly sophisticated multi-platform malware_" to compromise hundreds of "_government and private organizations in more than 30 countries_", according to an article published by PC World. This operation – which Kaspersky has referred to as "_The Mask_" (English translation for the Spanish word Careto) in their report, went on "_undetected_ "according to PC World.

The article quotes the Kaspersky researchers to have written in the report, "_When active in a victim system, The Mask can intercept network traffic, keystrokes, Skype conversations, PGP keys, analyze WiFi traffic, fetch all information from Nokia devices, screen captures and monitor all file operations._" The article continues to quote the researchers by saying, "_The malware collects a large list of documents from the infected system, including encryption keys, VPN configurations, SSH keys, and RDP [remote desktop protocol] files. There are also several extensions being monitored that we have not been able to identify and could be related to custom military/government-level encryption tools._."

The article indicates – per findings by Kaspersky – that "_servers used by the attackers revealed more than 380 unique victims from 31 countries._" According to the article, Kaspersky has found that the Mask operation's primary targets were "_government institutions; embassies and other diplomatic missions; energy, oil and gas companies; research institutions; private equity firms and activists._" Kaspersky researchers said that "_Careto hooks have sunk into systems worldwide_, "according to the article.

Read much more in the full article about "_The Mask_" and all that researchers and industry security professionals have to discover in the aftermath.

Written by Bryon Turcotte  /  February 12, 2014

Need help? Chat now!