A German security firm, G Data Security, has released a “threat report” which states that the Russian Government is the suspected creator of a “highly-sophisticated piece of malware” called “Uroburos”, according to an article published by The Web Hosting Industry Review. The article states that, per the findings of the firm’s report, this piece of malware – “an extremely advanced rootkit” – was designed to “steal information from organizations and nation states.”
The article notes that Uroburos is extremely sophisticated – made up of “a driver and an encrypted virtual file system” which could easily “take control of an infected machine, execute arbitrary commands and hide system activities, and steal information like files but also capture network traffic.” The report confirms that Uroburos may have “avoided detection for three years or more”, which has raised serious concern due to the complexity and nature of its design. Researchers believe, according to the article, that “Uroburos could just be the beginning of a new breed of highly sophisticated malware that will threaten countries and organizations.”
G Data Security is quoted in the article as reporting, “Its modular structure allows extending it with new features easily, which makes it not only highly sophisticated but also highly flexible and dangerous. Uroburos’ driver part is extremely complex and is designed to be very discreet and very difficult to identify.” According to additional information included in the article, researchers from the security firm have also determined the Russian government’s involvement based on “the presence of Cyrillic characters, and similarities (such as file names, encryption keys) to the Agent.BTZ malware attack against the US in 2008 suspected to have been the work of the Russian intelligence service.”