'Red October' has been spying on WORLD LEADERS for 5 years - researchers

Security watchers have discovered a malware-based cyber-espionage campaign targeting diplomats, governments and scientific research institutions worldwide. Operation Red October has targeted Eastern Europe, former Soviet republics, and countries in Central Asia for the past five years, according to Kaspersky Lab. The attack has …

COMMENTS

This topic is closed for new posts.
Silver badge
Meh

Ah yes. The benefit of a monoculture.

Guessing games as to source. Have they not heard of the double bluff?

4
1
Silver badge
Meh

Spying?

Spying on Governments and politicians? It would be like trying to understand and make sense of the residents in a Californian Asylum for the criminally insane.

1
0
Anonymous Coward

>Guessing games as to source. Have they not heard of the double bluff?

This one is SO OBVIOUSLY the Yanks that I'm left wondering whether it was us or the froggies.

Merde! Sale rôti de bœuf cochon.

4
1

This post has been deleted by its author

Anonymous Coward

Re: Spying?

@ Lars:

California is an Asylum for the criminally insane

2
1
Silver badge

Re: The benefit of a monoculture.

Because "The researchers said the malware also has the capability to steal data from smartphones including Android handsets, iPhones and Windows Phone mobes - including Nokia, Sony Ericsson and HTC models." clearly indicates it only infects one platform.

0
0
Pint

Love it...I mean...who the fuck needs security policies let alone enforcement right?

I reckon it was the Norks...

Or the Frogs etc...possibly bonobos. Actually my money's on the apes.

*cough*

Pint coz well it's all a bit much otherwise right?

0
0
Anonymous Coward

I think we need more information...

Please tell us more about the hunt for Red October

:O)

(Disappointed you let that one slip through your fingers John!)

0
0

This post has been deleted by a moderator

Bronze badge

Re: another reason to use a non-MS operating system

I was not aware that MS made Android and the iPhone.

12
1
Anonymous Coward

Re: another reason to use a non-MS operating system

Whoever put together the "Eadon" script needs to tweak it so that it doesn't automatically presume that any story about a compromise is an MS story.

7
0
Silver badge
Coat

Re: another reason to use a non-MS operating system

Clearly, once Eadon and RICHTO collide, they will annihilate in a burst of gamma rays the like of which the blogosphere has never seen.

Unfortunately they do not have attractive charge, so it may take some time until that happens.

5
1
Vic
Silver badge

Re: another reason to use a non-MS operating system

> once Eadon and RICHTO collide, they will annihilate

Oh please, ohpleaseohpleaseohplease...

Vic.

3
1
Bronze badge

Re: another reason to use a non-MS operating system

Did you bother to read the article?

"The researchers said the malware also has the capability to steal data from smartphones including Android handsets, iPhones and Windows Phone mobes - including Nokia, Sony Ericsson and HTC models."

0
2
Silver badge
Pirate

Re: another reason to use a non-MS operating system

"Did you bother to read the article?"

But, does it mean this malware can infect those various phones or does it look for one being plugged into a Windows PC and simply steal the data that way?

4
0
Anonymous Coward

Re: another reason to use a non-MS operating system

Eadon, you really need to lay off the double espressos for a while.

Relax. Chill. Have beer. Heck, have a whole crate. Not every mention of the word "Microsoft" deserves an immediate "BAD! BAD! EVIL!! KILL IT! STUPID IF YOU USE IT!" sort of reaction - I'm positive you could construct a more coherent set of arguments supported with facts if you didn't feel compelled to follow a sort of (if contains "Microsoft" then screech loudly) algorithm (hold your horses, coders, I haven't written code in 25 years so it's crap - just stay with the principle).

Yes, I prefer other platforms too over Windows, but I am not going to jump into every... single... story... with... essentially the same style comments (maybe delete your templates?). Present some facts. Show a study where in an instance that relates to the story (important) Linux came out better. That would be good - everyone likes facts they can use, and I'm sure you would be able to find them (I am generously assuming you're not a mouth-frothing fanatic here).

Otherwise you're doing nothing more than damaging that OS you apparently love so much, which would be a shame.

Chill :)

6
2
Anonymous Coward

Re: another reason to use a non-MS operating system

Unfortunately they do not have attractive charge

Yup - can't find *any* attraction there

/me runs away quickly

0
0
Bronze badge
WTF?

Re: another reason to use a non-MS operating system

Durr. You think NATO and the EU are going to switch all their users to Linux?

Oh wait, Android is Linux. What's your next suggestion?

0
4
Anonymous Coward

Re: another reason to use a non-MS operating system

>Clearly, once Eadon and RICHTO collide...

I'm starting to wonder if Eadon and RICHTO are one and the same... the two prongs of the same forked tongue.

0
1
Anonymous Coward

Re: another reason to use a non-MS operating system

> Whoever put together the "Eadon" script needs to tweak it so that it doesn't automatically presume that any story about a compromise is an MS story.

"malware including a Trojan dropper. Microsoft Office and Microsoft Excel vulnerabilities were exploited to infect targeted systems"

3
0
Anonymous Coward

What ever you do don't blame Windows ...

The writer did actually manage to *not* mention Windows in relation to malware, in the whole of the article. Where it did give a mention to Windows, it was lumped in with those well-known virus vectors .. Android and iPhones. These types of reports are only of interest as to how they manage to not lay the blame squarely at the door of the blame-worthy. That such security breaches can still occur in 2013 beggars disbelief.

2
1
Anonymous Coward

Re: another reason to use a non-MS operating system

I have Windows at home---but I don't consider it as anything but a toy operating system---I use it for toys such as a certain Epson scanner and Steam games collection. I never use it for anything serious.

I would never trust it in security terms either. Frightening though, that politicians are using MS Windows, apparently without proper protection.

2
3
Anonymous Coward

Re: What ever you do don't blame Windows ...

I find it funny that Android can be a vector for a virus... like it's immune but it infects Windows machines.

0
1
Anonymous Coward

Re: What ever you do don't blame Windows ...

those well-known virus vectors .. Android and iPhones

I'm intrigued - could you point me to the iPhone virus vectors? I must have missed that while on holidays and it's good to know the facts. I have tried Google but all I get are problems with jailbroken phones, which I do not consider a worry (you take that route, you have to deal with the consequences).

Facts, please

0
0
Anonymous Coward

Re: another reason to use a non-MS operating system

Yes, MS office vulnerabilities used to infect Android phones.

Err...

1
0
Anonymous Coward

Putin, Putin, Puddin' and Pie.

"Based on the registration data of C2 servers and the numerous artifacts left in executables of the malware, there is strong technical evidence to indicate the attackers have Russian-speaking origins,"

Comrade, say it isn't so.

0
1
Silver badge
Devil

Re: Putin, Putin, Puddin' and Pie.

More likely Chinese working with Iranians who are secretly controlled by Mossad who are financed by the US who are controlled by space lizards.

6
0
Silver badge

Re: Putin, Putin, Puddin' and Pie.

I think your logic accelerator needs skid control - there are no space lizards.

0
0
Silver badge
Coat

Re: Putin, Putin, Puddin' and Pie.

" there are no space lizards."

Nope, they were all born here on Earth

0
0
Happy

Russian humor, or someone making fun of them?

Did you see the names of the registrants of some of the C&C domains?

Sergej Dumkovski

Denis Dumkov

Denis Ustuygov (used-to-gov?)

Igor Shaven

0
0
Bronze badge

A sense of humour

Dumkov and Dumkovski seem to be a variation on the same name thus might be a made-up one. Ustyugov would (Устюгов, there is a town Великий Устюг) -- again sounds artificial. Igor Shaven is the most unusual but plausible.

However, all these people if real, might be unaware of this "Red October".

1
0
Pint

Russian?

"Dumkov" is "Dummkopf" which is German and Ustugov looks like an English joke. Hate to say it but American or British are good bets. But spying on NATO .... hmm. That needs at least one beer.

1
0
Bronze badge

Re: Russian?

It doesn't say they were spying on NATO, it says NATO was one of the customers of the Acid Cryptofiler product, a product that the malware could penetrate.

I have zero doubt that the USA spies on the EU and EU nations. I have zero doubt that major EU nations spy on the USA and on each other.

The artifacts of Russian in the code, those could have been inserted intentionally.

And the infecting country could well have infected some of its own machines, knowing that there would be no harm in doing so.

You would probably have to look at what commands were sent, what data was sent back, from multiple infected machines from multiple countries, to try to figure out which country was behind this.

So this is where all those snoopy privacy destroying logs that ISPs are supposed to keep on us all are supposed to come in.

So, do they have logs from the past few years that they can go back and look at? Or do our rulers exempt themselves from surveillance?

1
0

FSB 1, NATO 0

First half result in the new electronic Cold War....

0
3
P_0

Re: FSB 1, NATO 0

Surely whoever made this malware (assuming it is the Russians) is now 1 down and not 1 up on the enemy (NATO) since they've just been discovered.

NATO's (or whoever) malware is still out there, undetected.

1
0

Re: FSB 1, NATO 0

Nah 5 years running without detection they are definitely 1 up, I am sure they expected it to be discovered well before now.

NATO couldn't find its bottom without a ton of bureaucratic red tape, seriously doubt they could pull off something this clever, unless of course the yanks or Israelis gave them access to the guys who came up with Stuxnet and the other clones.

0
0

Re: FSB 1, NATO 0

If I read between the lines of the article correctly, then the malware was looking for Cryptofiler files and sending them back home, where they can be thrown to the supercomputers for decrypting. Nice.

0
0

WTF - "Acid Cryptofiler"

Is it just me or does one get the feeling that an application named like something written by "l33t Haxorz" should probably be shunned for anything more than keeping wife from finding the pr0n collection?

What is wrong with PGP or SSH? Too boring?

0
0
Anonymous Coward

Re: WTF - "Acid Cryptofiler"

Perhaps the first part of the name is a little nod at the inspiration behind the second? B-)

0
0

Cryptofiler

According to Wikipedia, Cryptofiler isn't used for classified information.

0
0
Facepalm

Re: Cryptofiler

No harm done then.

0
0