Kaspersky has named the virus ‘Red October’ (obviously one of their analysts has a wry sense of humour). If you recall, The Hunt for Red October was the title of a Hollywood blockbuster some years ago, in which a nuclear submarine belonging to the erstwhile USSR goes rogue.
The Russia-based anti-virus software firm in a statement said, "The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America." It said there was very strong technical evidence that the attackers have Russian-speaking origins.
So far the attacks have been targeted at organisations in Europe, former USSR Republics, Central Asia and North America, Kaspersky Lab claims.
What is more daunting is that Kaspersky Lab has added that Red October may have been active since at least 2007. It had also infected smartphones and collected login information to test on other systems. Red October has what Kaspersky Lab called a unique "resurrection" module that hid in Adobe Reader and Microsoft Office programmes and allowed the attackers to regain access even if the virus was discovered and removed.
Founded in 1997, Kaspersky Lab employs more than 2,300 specialists and is a leading IT security and anti-virus software company.
The statement has sent governments and related agencies scurrying. But in an interesting report this morning, The Christian Science Monitor said US experts who have reviewed the Kaspersky report are divided over who might be behind the malware – a Russian crime syndicate harvesting sensitive information and selling it or holding it for ransom, or a sophisticated nation state. Kaspersky, for now, has said there’s no evidence of this being a State-sponsored attack.