Red October (malware)

Operation Red October or Red October was a cyberespionage malware program discovered in October 2012 and uncovered in January 2013 by Russian firm Kaspersky Lab. The malware was reportedly operating worldwide for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including from mobile devices. The primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel.[1][2] Later, a webpage was found that exploited a known vulnerability in the Java browser plugin.[1][3] Red October was termed an advanced cyberespionage campaign intended to target diplomatic, governmental and scientific research organizations worldwide.

A map of the extent of the operation was released by Kaspersky Lab, the "Moscow-based antivirus firm that uncovered the campaign."[4]

After the operation was revealed, domain registrars and hosting companies shut down as many as 60 domains used by the virus creators to receive information. The attackers themselves also shut down their end of the operation.[citation needed]

The perpetrator of the operation has not been conclusively determined, but the operation appeared to have been running on some level since May 2007 at the latest. According to Kaspersky Lab, Russian slang words were found in the code that would be "generally unknown to non-native Russian speakers." However, the program also appeared to be built on existing exploits developed by Chinese hackers and previously used against Tibetan activists.[4]

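Operation Red October Cyber Breaches[4]

| Country | Government | Embassy (Diplomatic) | Military | Nuclear / Energy Research | Aerospace | Oil & Gas Industry | Trade and Commerce | Research Institutions | Unknown Victims |
|---|---|---|---|---|---|---|---|---|---|
| United States | No | Yes | No | No | No | No | No | No | No |
| Russia | No | Yes | Yes | Yes | No | No | No | Yes | No |
| Belarus | Yes | Yes | Yes | Yes | No | Yes | No | Yes | No |
| Kazakhstan | Yes | Yes | Yes | Yes | Yes | No | No | No | No |
| United Arab Emirates | Yes | Yes | No | Yes | No | Yes | No | No | No |
| Azerbaijan | No | Yes | No | Yes | No | Yes | No | Yes | No |
| Turkmenistan | Yes | No | No | Yes | No | Yes | No | No | No |
| Afghanistan | Yes | Yes | Yes | No | No | No | No | No | No |
| Moldova | Yes | Yes | Yes | No | No | No | No | No | No |
| France | No | Yes | Yes | No | No | No | No | No | No |
| Spain | Yes | Yes | No | No | No | No | No | No | No |
| Armenia | Yes | Yes | No | No | No | No | No | No | No |
| Cyprus | Yes | Yes | No | No | No | No | No | No | No |
| Iraq | Yes | No | No | No | No | No | No | No | No |
| Brunei | Yes | No | No | No | No | No | No | No | No |
| Luxembourg | Yes | No | No | No | No | No | No | No | No |
| India | No | Yes | No | No | No | No | No | No | No |
| Uganda | No | Yes | No | No | No | No | No | No | No |
| Pakistan | No | Yes | No | No | No | No | No | No | No |
| Oman | No | Yes | No | No | No | No | No | No | No |
| Saudi Arabia | No | Yes | No | No | No | No | No | No | No |
| Italy | No | Yes | No | No | No | No | No | No | No |
| Portugal | No | Yes | No | No | No | No | No | No | No |
| Morocco | No | Yes | No | No | No | No | No | No | No |
| Israel | No | Yes | No | No | No | No | No | No | No |
| Jordan | No | Yes | No | No | No | No | No | No | No |
| Greece | No | Yes | No | No | No | No | No | No | No |
| Ireland | No | Yes | No | No | No | No | No | No | No |
| Belgium | No | Yes | No | No | No | No | No | No | No |
| Germany | No | Yes | No | No | No | No | No | No | No |
| Hungary | No | Yes | No | No | No | No | No | No | No |
| Mauritania | No | Yes | No | No | No | No | No | No | No |
| Congo | No | Yes | No | No | No | No | No | No | No |
| South Africa | No | Yes | No | No | No | No | No | No | No |
| Botswana | No | Yes | No | No | No | No | No | No | No |
| Mozambique | No | Yes | No | No | No | No | No | No | No |
| Tanzania | No | Yes | No | No | No | No | No | No | No |
| Kenya | No | Yes | No | No | No | No | No | No | No |
| Lithuania | No | Yes | No | No | No | No | No | No | No |
| Latvia | No | Yes | No | No | No | No | No | No | No |
| Turkey | No | Yes | No | No | No | No | No | No | No |
| Iran | No | Yes | No | No | No | No | No | No | No |
| Uzbekistan | No | Yes | No | No | No | No | No | No | No |
| Kuwait | No | Yes | No | No | No | No | No | No | No |
| Switzerland | No | Yes | No | No | No | No | No | No | No |
| Lebanon | No | Yes | No | No | No | No | No | No | No |
| Austria | No | Yes | No | No | No | No | No | No | No |
| Georgia | No | Yes | No | No | No | No | No | No | No |
| Bosnia & Herzegovina | No | Yes | No | No | No | No | No | No | No |
| Serbia | No | No | No | No | No | No | No | No | Yes |
| Finland | No | No | No | No | No | No | No | No | Yes |
| Czech Republic | No | No | No | No | No | No | No | No | Yes |
| Slovakia | No | No | No | No | No | No | No | No | Yes |
| Macedonia | No | No | No | No | No | No | No | No | Yes |
| Albania | No | No | No | No | No | No | No | No | Yes |
| Mali | No | No | No | No | No | No | No | No | Yes |
| Australia | No | No | No | No | No | No | No | No | Yes |
| Chile | No | No | No | No | No | No | No | No | Yes |
| Brazil | No | No | No | No | No | No | No | No | Yes |
| Ethiopia | No | No | No | No | No | No | No | No | Yes |
| Bulgaria | No | No | No | No | No | No | No | No | Yes |
| Bahrain | No | No | No | No | No | No | No | No | Yes |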

References

  1. McAllister, Neil (16 Jan 2013). "Surprised? Old Java exploit helped spread Red October spyware". The Register.
  2. "The "Red October" Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies". Kaspersky Lab. 3 Mar 2014.
  3. Goodin, Dan (15 Jan 2013). "Red October relied on Java exploit to infect PCs". Ars Technica.
  4. Zetter, Kim (January 14, 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others". Wired. Retrieved 25 January 2023.