Red October (malware)

From Wikipedia, the free encyclopedia

Operation Red October or Red October was a cyberespionage malware program discovered in October 2012 and uncovered in January 2013 by Russian firm Kaspersky Lab. The malware was reportedly operating worldwide for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including from mobile devices. The primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel.[1][2] Later, a webpage was found that exploited a known vulnerability in the Java browser plugin.[1][3] Red October was termed an advanced cyberespionage campaign intended to target diplomatic, governmental and scientific research organizations worldwide.

A map of the extent of the operation was released by Kaspersky Lab, the "Moscow-based antivirus firm that uncovered the campaign."[4]

After the operation was revealed, domain registrars and hosting companies shut down as many as 60 domains used by the malware's creators to receive information. The attackers themselves also shut down their end of the operation.[citation needed]

The perpetrator of the operation has not been conclusively determined, but the operation appeared to have been active on some level since May 2007 at the latest. According to Kaspersky Lab, Russian slang words were found in the code which would be "generally unknown to non-native Russian speakers." However, the program also appeared to be built on existing exploits developed by Chinese hackers and previously used against Tibetan activists.[4]

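Operation Red October Cyber Breaches[4]

| Country | Government | Embassy (Diplomatic) | Military | Nuclear / Energy Research | Aerospace | Oil & Gas Industry | Trade and Commerce | Research Institutions | Unknown Victims |
|---|---|---|---|---|---|---|---|---|---|
| United States | No | Yes | No | No | No | No | No | No | No |
| Russia | No | Yes | Yes | Yes | No | No | No | Yes | No |
| Belarus | Yes | Yes | Yes | Yes | No | Yes | No | Yes | No |
| Kazakhstan | Yes | Yes | Yes | Yes | Yes | No | No | No | No |
| United Arab Emirates | Yes | Yes | No | Yes | No | Yes | No | No | No |
| Azerbaijan | No | Yes | No | Yes | No | Yes | No | Yes | No |
| Turkmenistan | Yes | No | No | Yes | No | Yes | No | No | No |
| Afghanistan | Yes | Yes | Yes | No | No | No | No | No | No |
| Moldova | Yes | Yes | Yes | No | No | No | No | No | No |
| France | No | Yes | Yes | No | No | No | No | No | No |
| Spain | Yes | Yes | No | No | No | No | No | No | No |
| Armenia | Yes | Yes | No | No | No | No | No | No | No |
| Cyprus | Yes | Yes | No | No | No | No | No | No | No |
| Iraq | Yes | No | No | No | No | No | No | No | No |
| Brunei | Yes | No | No | No | No | No | No | No | No |
| Luxembourg | Yes | No | No | No | No | No | No | No | No |
| India | No | Yes | No | No | No | No | No | No | No |
| Uganda | No | Yes | No | No | No | No | No | No | No |
| Pakistan | No | Yes | No | No | No | No | No | No | No |
| Oman | No | Yes | No | No | No | No | No | No | No |
| Saudi Arabia | No | Yes | No | No | No | No | No | No | No |
| Italy | No | Yes | No | No | No | No | No | No | No |
| Portugal | No | Yes | No | No | No | No | No | No | No |
| Morocco | No | Yes | No | No | No | No | No | No | No |
| Israel | No | Yes | No | No | No | No | No | No | No |
| Jordan | No | Yes | No | No | No | No | No | No | No |
| Greece | No | Yes | No | No | No | No | No | No | No |
| Ireland | No | Yes | No | No | No | No | No | No | No |
| Belgium | No | Yes | No | No | No | No | No | No | No |
| Germany | No | Yes | No | No | No | No | No | No | No |
| Hungary | No | Yes | No | No | No | No | No | No | No |
| Mauritania | No | Yes | No | No | No | No | No | No | No |
| Congo | No | Yes | No | No | No | No | No | No | No |
| South Africa | No | Yes | No | No | No | No | No | No | No |
| Botswana | No | Yes | No | No | No | No | No | No | No |
| Mozambique | No | Yes | No | No | No | No | No | No | No |
| Tanzania | No | Yes | No | No | No | No | No | No | No |
| Kenya | No | Yes | No | No | No | No | No | No | No |
| Lithuania | No | Yes | No | No | No | No | No | No | No |
| Latvia | No | Yes | No | No | No | No | No | No | No |
| Turkey | No | Yes | No | No | No | No | No | No | No |
| Iran | No | Yes | No | No | No | No | No | No | No |
| Uzbekistan | No | Yes | No | No | No | No | No | No | No |
| Kuwait | No | Yes | No | No | No | No | No | No | No |
| Switzerland | No | Yes | No | No | No | No | No | No | No |
| Lebanon | No | Yes | No | No | No | No | No | No | No |
| Austria | No | Yes | No | No | No | No | No | No | No |
| Georgia | No | Yes | No | No | No | No | No | No | No |
| Bosnia & Herzegovina | No | Yes | No | No | No | No | No | No | No |
| Serbia | No | No | No | No | No | No | No | No | Yes |
| Finland | No | No | No | No | No | No | No | No | Yes |
| Czech Republic | No | No | No | No | No | No | No | No | Yes |
| Slovakia | No | No | No | No | No | No | No | No | Yes |
| Macedonia | No | No | No | No | No | No | No | No | Yes |
| Albania | No | No | No | No | No | No | No | No | Yes |
| Mali | No | No | No | No | No | No | No | No | Yes |
| Australia | No | No | No | No | No | No | No | No | Yes |
| Chile | No | No | No | No | No | No | No | No | Yes |
| Brazil | No | No | No | No | No | No | No | No | Yes |
| Ethiopia | No | No | No | No | No | No | No | No | Yes |
| Bulgaria | No | No | No | No | No | No | No | No | Yes |
| Bahrain | No | No | No | No | No | No | No | No | Yes |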

References

  1. McAllister, Neil (16 Jan 2013). "Surprised? Old Java exploit helped spread Red October spyware". The Register.
  2. "The "Red October" Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies". Kaspersky Lab. 3 Mar 2014.
  3. Goodin, Dan (15 Jan 2013). "Red October relied on Java exploit to infect PCs". Ars Technica.
  4. Zetter, Kim (January 14, 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others". Wired. Retrieved 25 January 2023.