The founder of Kaspersky Labs appeared at a press conference in London to provide insight into the attack on his company by one of the most mysterious advanced persistent threats (APTs) identified to date.
Eugene Kaspersky did not say who was behind the attack on Kaspersky Labs and avoided giving a specific timetable for when the breach took place. But he was quick to highlight the complexity of the platform that was used, the second generation of Duqu, first discovered in 2014 after two years of absence from the internet.
He stated that the malware and tactics used by the APT allowed it to remain virtually invisible on the network for quite some time.
Components of Duqu 2 were found in the APAC security company's home network in the spring, but Eugene Kaspersky said it had been there for a long time, maybe a few months.
Apparently, Kaspersky Labs will try in the near future to gather more information about the malware's infrastructure and approach, and to analyze the technologies that were used. Its activity was uncovered during an internal check of security systems.
The reason it was not detected from the beginning is that it left no traces on the infected systems and resided in memory.
In addition to installing itself in RAM, the malware did not generate much traffic, which could have triggered Kaspersky's anti-APT systems. The malware also posed as the system administrator, a tactic that prevented detection.
Duqu 2 is believed to be government malware targeting high-profile companies in the West, Asia, the Middle East and Russia, and Kaspersky estimates that its cost starts at $10 million.
Eugene Kaspersky said Kaspersky Labs researchers will be able to speak with certainty only once they have examined the malware's source code and its command and control servers. No government was named at the press conference.
The interview ended with Eugene Kaspersky stating:
“Don't hack me! That's a bad idea”