icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
12 Dec, 2014 17:47

Russia targeted by another large-scale cyber espionage campaign – Kaspersky Lab

Russia targeted by another large-scale cyber espionage campaign – Kaspersky Lab

Russian companies in oil, finance, military, and other sectors – as well as the country’s embassies abroad – have become the primary targets of a new espionage campaign, labeled ‘Cloud Atlas’ by global information security powerhouse Kaspersky Lab.

Enterprises in Belarus and Kazakhstan – which are Russia’s partners in the Eurasian Custom Union – are also affected. Another major target of the campaign is India, the Moscow-based company said.

According to Kaspersky Lab, Cloud Atlas infects corporate computers via RTF (Rich Text Format) files attached to emails.

Those behind the campaign have also launched attacks using MMS and SMS messages to infect Android, BlackBerry, and iOS devices.

Kaspersky Lab’s Global Research & Analysis Team believes Cloud Atlas is most likely a successor to the so-called ‘Red October’ espionage campaign.

“Both Red October and Cloud Atlas, according to our data, are focused on the abduction of information from the organizations located in Eastern Europe,” Igor Sumenkov, principal security researcher at Kaspersky Lab, told Sputnik news agency.

"Geographic location and occupation of victims of Cloud Atlas and Red October are similar. Moreover, among the targets of Cloud Atlas there is at least one organization that has been previously attacked by Red October," he explained.

The Red October cyber espionage campaign was discovered by Kaspersky Lab in October 2012 and defeated in January 2013. For five years, the malware stole information from various organizations around the world, mostly in Russia.

READ MORE: ‘Red October’: Global cyber-spy network uncovered by Russian experts

The current Cloud Atlas attacks are in no way an indication of weak cyber security in the area, as they only reflect “the particular interests of certain groups of intruders” in Russia and its companies, Sumenkov said.

“Probably, only the authors of this malware campaign know exactly why these organizations and exactly why these territories are targeted," he stressed.

"Judging by the set of malware tools...used by Cloud Atlas, it can be said that this campaign has been developed at least by a group of experienced professionals in creating malicious software. Without a doubt, it gives grounds to consider [the] Cloud Atlas espionage network dangerous,” he added. “Cloud Atlas authors have done a great job preparing to return after Red October was dismantled.”

The name given to the malware by Kaspersky Lab corresponds with the Cloud Atlas novel by David Mitchell, which was turned into a movie by the Wachowskis and Tom Tykwer in 2012.

Earlier this week, Kaspersky Lab summed up its work in 2014, announcing that its software prevented over six billion malware attacks on computers and mobile devices around the globe.

The total number of mobile banking Trojan attacks aimed at stealing money from clients has increased by nine times, the company said.

There was also more than a two-fold increase in cyber-attack risks for companies, with 4,400 large businesses in at least 55 countries becoming targets of hackers.

The situation with cyber security around the globe “is now bad and it’s going to get worse,” Evgeny Kaspersky, co-founder of Kaspersky Lab, said on Wednesday.