Sophisticated Spy Tool ‘The Mask’ Rages Undetected for 7 Years
Posted by Sin City Examiner
PUNTA CANA, Dominican Republic – Researchers have uncovered a sophisticated cyber spying operation that has been alive since at least 2007 and uses techniques and code that surpass any nation-state spyware previously spotted in the wild.
The attack, dubbed “The Mask” by the researchers at Kaspersky Lab in Russia who discovered it, targeted government agencies and diplomatic offices and embassies, before it was dismantled last month. It also targeted companies in the oil, gas and energy industries as well as research organizations and activists. Kaspersky uncovered at least 380 victims in more than two dozen countries, with the majority of the targets in Morocco and Brazil.
The attack — possibly from a Spanish-speaking country — used sophisticated malware, rootkit methods and a bootkit to hide and maintain persistence on infected machines. The attackers sought not only to steal documents, but to steal encryption keys, data about a target’s VPN configurations, and Adobe signing keys, which would give the attackers the ability to sign .PDF documents as if they were the owner of the key.
The Mask also went after files with extensions that Kaspersky has not been able to identify yet. The Kaspersky researchers believe the extensions may be used by custom government programs, possibly for encryption.
About Sin City ExaminerRocktographer(Live Music Photographer), Motorsports & Beach Sports Photographer, based in Las Vegas & the Beach Cities in California; Website Developer, Food & Drink Photographer, Enthusiast and Critic with No-Sugar-Coating Reviews, Sports Handicapper, etc. No longer on Facebook, due to being discriminated against for using Fake Names, unlike the 'Drag Queens' of the GLBT Community that are allowed to do so. I urge everyone that reads this to leave Facebook for easier use at ( http://www.TSU.co/SinCityExaminer ) & ( https://plus.google.com/+KevinSinCityExaminer )
Posted on February 11, 2014, in Uncategorized and tagged Bootkit, Cyber, Dominican Republic, Kaspersky, Latest Spy Tool, Malware, NSA, PDF, Rootkit, Spying, Spyware, The Mask, VPN. Bookmark the permalink. Leave a comment.