A high-level cyber espionage campaign has successfully broken into computers and networks of government, diplomatic and scientific research organizations around the world for the last five years, according to a report from security software firm Kasperksy Labs.
Top 10 in Kaspersky’s list of most infected nations (those with more than 5 victims) are:
Russian Federation – 35 infectionsKazakhstan – 21Azerbaijan – 15India – 14Afghanistan – 10Armenia – 10Iran – 7Turkmenistan – 7Ukraine – 6United States - 6
“The C&C infrastructure is actually a chain of servers working as proxies and hiding the location of the true-mothership-command and control server,” the report said.
The multi-functional framework used by the attackers also allow them to steal data from mobile phones, dump enterprise network equipment configuration, hijack files from removable disk drives, steal e-mail databases from Local Outlook storage or remote POP/MAP servers and get files from local network FTP servers.
For more information on Red October go to the Kaspersky Labs Securelist blogsite