DailyTech covers "Red October", a piece of highly-advanced malware that lingered undetected on on European and US government networks over the last half decade. The piece of malware is less advanced than Flame, but can still do plenty of things, including recovering deleted files from USB drives. It's unknown who is behind Red October, but security experts point out that China and Iran are the two most aggressive and sophisticated cyber-aggressors when it comes to attacking the US and its allies. There's strong technical evidence that the attackers have Russian-speaking origins, but the researchers point out that China often relies on hackers in Eastern Europe or Russia to do its "dirty work".
Full details at DailyTech.
Much attention has been devoted of late to cyber-espionage efforts allegedly perpetrated by the U.S. and Israel. The Flame and Stuxnet campaigns against Iran captivated readers and infuriated supporters of the Islamist republic of Iran.
But with this new malware, which researchers have dubbed "Red October", the tables are turned U.S. and its allies are the targets.
To give one example of the sophistication of the multi-module attack package, if the user detects Red October and deletes it, a secondary hidden package can detect the deletion and carry out a protocol to reinstall the malware. The so-called "Resurrection Module" masquerades as plug-ins to Adobe Systems Inc.'s (ADBE) PDF Reader or Microsoft Corp.'s (MSFT) Office suite and is inactive until the malware is deleted.