From Wikipedia, the free encyclopedia

Operation Red October or Red October was a cyberespionage malware program discovered in October 2012 and uncovered in January 2013 by Russian firm Kaspersky Lab. The malware was reportedly operating worldwide for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including from mobile devices. The primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel. [1] [2] Later, a webpage was found that exploited a known vulnerability in the Java browser plugin. [1] [3] Red October was termed an advanced cyberespionage campaign intended to target diplomatic, governmental and scientific research organizations worldwide.

A map of the extent of the operation was released by Kaspersky Lab, the "Moscow-based antivirus firm that uncovered the campaign." [4]

After the operation was revealed, domain registrars and hosting companies shut down as many as 60 domains used by the virus creators to receive information. The attackers themselves shut down their end of the operation as well. [citation needed]

The perpetrator of the operation has not been conclusively determined, but the operation appeared to have been running on some level since May 2007 at the latest. According to Kaspersky Lab, Russian slang words were found in the code which would be "generally unknown to non-native Russian speakers." However, the program also appeared to be built on existing exploits developed by Chinese hackers and previously used against Tibetan activists. [4]

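Operation Red October Cyber Breaches [4]

| Country | Government | Embassy (Diplomatic) | Military | Nuclear / Energy Research | Aerospace | Oil & Gas Industry | Trade and Commerce | Research Institutions | Unknown Victims |
|---|---|---|---|---|---|---|---|---|---|
| United States | No | Yes | No | No | No | No | No | No | No |
| Russia | No | Yes | Yes | Yes | No | No | No | Yes | No |
| Belarus | Yes | Yes | Yes | Yes | No | Yes | No | Yes | No |
| Kazakhstan | Yes | Yes | Yes | Yes | Yes | No | No | No | No |
| United Arab Emirates | Yes | Yes | No | Yes | No | Yes | No | No | No |
| Azerbaijan | No | Yes | No | Yes | No | Yes | No | Yes | No |
| Turkmenistan | Yes | No | No | Yes | No | Yes | No | No | No |
| Afghanistan | Yes | Yes | Yes | No | No | No | No | No | No |
| Moldova | Yes | Yes | Yes | No | No | No | No | No | No |
| France | No | Yes | Yes | No | No | No | No | No | No |
| Spain | Yes | Yes | No | No | No | No | No | No | No |
| Armenia | Yes | Yes | No | No | No | No | No | No | No |
| Cyprus | Yes | Yes | No | No | No | No | No | No | No |
| Iraq | Yes | No | No | No | No | No | No | No | No |
| Brunei | Yes | No | No | No | No | No | No | No | No |
| Luxembourg | Yes | No | No | No | No | No | No | No | No |
| India | No | Yes | No | No | No | No | No | No | No |
| Uganda | No | Yes | No | No | No | No | No | No | No |
| Pakistan | No | Yes | No | No | No | No | No | No | No |
| Oman | No | Yes | No | No | No | No | No | No | No |
| Saudi Arabia | No | Yes | No | No | No | No | No | No | No |
| Italy | No | Yes | No | No | No | No | No | No | No |
| Portugal | No | Yes | No | No | No | No | No | No | No |
| Morocco | No | Yes | No | No | No | No | No | No | No |
| Israel | No | Yes | No | No | No | No | No | No | No |
| Jordan | No | Yes | No | No | No | No | No | No | No |
| Greece | No | Yes | No | No | No | No | No | No | No |
| Ireland | No | Yes | No | No | No | No | No | No | No |
| Belgium | No | Yes | No | No | No | No | No | No | No |
| Germany | No | Yes | No | No | No | No | No | No | No |
| Hungary | No | Yes | No | No | No | No | No | No | No |
| Mauritania | No | Yes | No | No | No | No | No | No | No |
| Congo | No | Yes | No | No | No | No | No | No | No |
| South Africa | No | Yes | No | No | No | No | No | No | No |
| Botswana | No | Yes | No | No | No | No | No | No | No |
| Mozambique | No | Yes | No | No | No | No | No | No | No |
| Tanzania | No | Yes | No | No | No | No | No | No | No |
| Kenya | No | Yes | No | No | No | No | No | No | No |
| Lithuania | No | Yes | No | No | No | No | No | No | No |
| Latvia | No | Yes | No | No | No | No | No | No | No |
| Turkey | No | Yes | No | No | No | No | No | No | No |
| Iran | No | Yes | No | No | No | No | No | No | No |
| Uzbekistan | No | Yes | No | No | No | No | No | No | No |
| Kuwait | No | Yes | No | No | No | No | No | No | No |
| Switzerland | No | Yes | No | No | No | No | No | No | No |
| Lebanon | No | Yes | No | No | No | No | No | No | No |
| Austria | No | Yes | No | No | No | No | No | No | No |
| Georgia | No | Yes | No | No | No | No | No | No | No |
| Bosnia & Herzegovina | No | Yes | No | No | No | No | No | No | No |
| Serbia | No | No | No | No | No | No | No | No | Yes |
| Finland | No | No | No | No | No | No | No | No | Yes |
| Czech Republic | No | No | No | No | No | No | No | No | Yes |
| Slovakia | No | No | No | No | No | No | No | No | Yes |
| Macedonia | No | No | No | No | No | No | No | No | Yes |
| Albania | No | No | No | No | No | No | No | No | Yes |
| Mali | No | No | No | No | No | No | No | No | Yes |
| Australia | No | No | No | No | No | No | No | No | Yes |
| Chile | No | No | No | No | No | No | No | No | Yes |
| Brazil | No | No | No | No | No | No | No | No | Yes |
| Ethiopia | No | No | No | No | No | No | No | No | Yes |
| Bulgaria | No | No | No | No | No | No | No | No | Yes |
| Bahrain | No | No | No | No | No | No | No | No | Yes |
| Slovakia | No | No | No | No | No | No | No | No | Yes |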

References

  1. McAllister, Neil (16 Jan 2013). "Surprised? Old Java exploit helped spread Red October spyware". The Register.
  2. "The 'Red October' Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies". Kaspersky Lab. 3 Mar 2014.
  3. Goodin, Dan (15 Jan 2013). "Red October relied on Java exploit to infect PCs". Ars Technica.
  4. Zetter, Kim (14 Jan 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others". Wired. Retrieved 25 January 2023.
