Gyges is malware that appears to have been designed to spy on public organizations and government infrastructure. According to the latest reports, it seems to have changed hands and is currently being used by cyber criminals.
The malware was discovered in March 2014 by Sentinel Labs. The researchers used reverse engineering to analyze its components and capabilities.
According to the company, Gyges can be considered an early example of spyware that has been reshaped and improved by malicious users adding new modules to it.
Sentinel Labs calls the threat "Invisible Malware" because of the complex anti-detection mechanisms it employs to avoid being spotted. Researchers say it uses rare injection techniques and only operates while the user is inactive.
Furthermore, it appears able to bypass the sandboxes of security products and is resistant to debugging and reverse engineering. All this, combined with the data it captures (keystroke logging, screenshots) and its evasion capabilities, makes it very easy for the criminals into whose hands it has fallen to use it as a starting point for their own tools.
Sentinel Labs stated that traces of the government malware's code were detected in malicious software used in criminal campaigns designed to extort victims by encrypting their data, as well as in banking scams.
The origin of this code is likely Russia, and it could have been created to spy on governmental organizations and services.
The sophisticated code of Gyges was created for a specific purpose: government espionage attacks. However, it appears that the government service using it failed to keep control of it.
Brandon Hoffman, CTO of RedSeal Networks, says that defense techniques should be revised and improved, just as new releases are being redesigned to increase their functionality and complexity.
RedSeal Networks is a provider of end-to-end network analytics services designed to prevent cyber attacks.
You can read the full Sentinel Labs report here (PDF).