Sophisticated malware discovered after 7 years, likely created by a nation-state

[listopencil]

Security firm Kaspersky Labs recently released a research paper that uncovers the existence of a piece of highly complex malware that's been in circulation for almost seven years. It's called "The Mask," which is a rough English translation of Careto, a Spanish word for "ugly face" that was found in the malware's code. Aimed at high-level targets such as government institutions, embassies and large energy corporations, Kaspersky says "The Mask" has already claimed nearly 380 unique victims (with more than 1,000 IPs) in 31 countries that include China, France, Germany, the UK and the US. Kaspersky first spotted it in a spear phishing email campaign that entices the recipient over to malicious websites disguised as news sites like The Guardian and the Washington Post.

Kaspersky reports that the malware is extremely sophisticated, with a set of tools that include a rootkit, a bootkit, versions that'll affect 32- and 64-bit Windows, Mac OS X, Linux and possibly even mobile operating systems like Android and iOS. Once it gets its hooks into your system, it can be used to hijack all your communication channels and snatch everything from Skype conversations to sensitive encryption keys. It's also very difficult to detect. Due to the level of finesse found in the malware, Kaspersky concludes that "The Mask" was very likely created by a nation-state, much like Stuxnet and Duqu. As to which nation-state that is, the security firm doesn't know, but says it's probably one that is Spanish-speaking based on the code's language. Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered.


http://www.securelist.com/en/downloa...emask_v1.0.pdf

[planetdoc]

Quote:

Originally Posted by htismaqe

Norton is one of the worst AV suites on the market.

http://www.av-comparatives.org/

would disagree....though I dont think they include norton in their latest tests.

[htismaqe]

Quote:

Originally Posted by planetdoc

http://www.av-comparatives.org/

would disagree....though I dont think they include norton in their latest tests.

It's not just about effectiveness, it's also about ease of use, administration, support, etc.

Norton is one of the worst pieces of Windows software there is.

EDIT: That link is broken, by the way.

[planetdoc]

Quote:

Originally Posted by htismaqe

It's not just about effectiveness, it's also about ease of use, administration, support, etc.

It would be nice if their is data to quantify that. At least av-comparitives does a good job of quantifying effectiveness.

Quote:

Originally Posted by htismaqe

EDIT: That link is broken, by the way.

i'm able to get the link to work just fine. maybe your company is blocking it.

[hometeam]

Norton is absolute shit.

Avast mateys!

[Fish]

As a system administrator, I'll throw in another opinion for Norton being complete shit. Terrible performance, bloated services, nightmare administration, sometimes impossible to uninstall, etc, etc.

[htismaqe]

Quote:

Originally Posted by planetdoc

It would be nice if their is data to quantify that. At least av-comparitives does a good job of quantifying effectiveness.



i'm able to get the link to work just fine. maybe your company is blocking it.

I'm not surfing from work. And I'm using Google DNS. It doesn't resolve.

EDIT: It didn't resolve. It does now.

[planetdoc]

There is a new 0-day Adobe Flash bug that is actively being exploited. It affects Windows, Mac, and Linux. Its believed to be state sponsored (by the Syrian Government).

As I've said before, US opened up pandora's box.
https://www.securelist.com/en/blog/8...g_hole_attacks