Last week, researchers from German security company G Data Software reported for the first time on a very complex and sophisticated rootkit, Uroburos, designed to steal data from secure installations, with the ability to take control of an infected machine, execute arbitrary commands and conceal its activities from the system owner.
Recently, British cyber experts from BAE Systems revealed the Russian malware dubbed 'SNAKE', which has remained virtually undetected for at least eight years while penetrating a large number of security systems. The Uroburos rootkit was one of the components of this malware.
In separate research, Western intelligence officials have discovered another piece of spyware, known as "Turla", which has infected hundreds of government computers across Europe and the United States. The researchers believed that Turla was directly linked to an earlier malicious campaign known as "Red October", a huge global cyber-espionage operation aimed at diplomatic, military, nuclear and research networks.
"It's an advanced malware that is connected to other Russian exploits, uses encryption and targets Western governments. There are Russian traces everywhere," said Jim Lewis, a former US State Department official.
Yesterday, BAE Systems Applied Intelligence analyzed the extent of the "poisonous" character of Snake, which uses new tricks to bypass Windows security, including its ability to hide the victim's web traffic. The new malware has all the hallmarks of an extremely advanced cyber operation: it exploits vulnerabilities arising from user error, and it can also exploit a privilege escalation vulnerability that allows it to bypass 64-bit Windows security, a vulnerability that is very similar to a well-known "zero-day" exploit.
"Its design shows that the attackers have an arsenal of penetration tools and have all the characteristics of a highly advanced project in cyberspace. The most notable is the trick used by developers to load unsigned malware into 64-bit Windows systems, bypassing essential elements of Windows security," BAE said.
The malware was formerly known as Agent.BTZ, which was discovered in 2008 when US Department of Defense officials claimed that their classified networks had been compromised by an early version of the same virus. Since then, it has been developed further and has gained many advanced features that make it even more flexible and sophisticated than before, BAE reports.
According to BAE Systems Applied Intelligence, the malware operates mainly in Eastern Europe, but also in the USA, the United Kingdom and other Western European countries. The malicious software can infiltrate and run on Windows XP, Vista, 7 and 8 systems.
"Although there has been some awareness of SNAKE malware for a number of years, so far we have not been able to reveal its full potential, and the threat presented to us is clearly something that should be taken much more seriously," said Martin Sutherland, CEO of BAE Systems.
This article was originally published at The Hacker News.