Kaspersky Lab detects ‘Red October’ malware created for cyber espionage


by CBR Staff Writer | 15 January 2013

Cyber campaigners created more than 60 domain names and several server hosting locations in several countries

Kaspersky Lab has detected a new malware called 'Red October', used for cyber espionage targeted at diplomatic missions and government agencies across the world.

The malware was created to steal data and geopolitical intelligence, including from mobile phones and network equipment.

The prime targets of the malware were countries in Eastern Europe, Central Asia and the former USSR, although the victims could be from Western Europe and North America.

Operation Red October, dubbed "Rocra", is claimed to still be active and to have been so since 2007, according to Kaspersky Lab.

The cyber campaigners created more than 60 domain names and several server hosting locations with the majority located in Germany and Russia.

Rocra is claimed to have its own unique modular architecture comprising malicious extensions, info-stealing modules and backdoor Trojans.

To infect a system, the attackers used a targeted spear-phishing email that included a customised Trojan dropper.
