Skip to main content

Red October hackers also used Java exploit for spy campaign

posted onJanuary 17, 2013
by l33tdawg

Hackers behind the long-running espionage campaign dubbed Red October were also using an old Java exploit to capture targets from government agencies and embassies.

Earlier this week Russian security firm Kaspersky Lab announced the discovery of a targeted malware campaign aimed at high-profile diplomatic, military and government targets across 39 nations. The victims were primarily in Eastern Europe, however individuals in Western Europe and North America were also targeted.

The attackers had evaded detection for over five years, according to Kaspersky, giving them access to victims' passwords, network configurations and sensitive information on workstations and mobile devices. While the researchers identified dozens of information-stealing capabilities, Red October's primary attack methods relied on exploits for flaws in Word and Excel documents, most likely sent to targets as email attachments. However, there was no evidence the attackers had used today's most popular attack vector: the web.

Source

Tags

Java Hackers Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th