Researchers shared their discovery and research on espionage malware "The Mask" (aka Careto) at the Kaspersky Labs security summit this week. ZDNet took photos of the presentation.
PUNTA CANA, Dominican Republic -- Kaspersky’s security research team revealed "one of the most advanced" cyber-espionage malware threats “The Mask” (aka Careto) at the 2014 Security Analyst Summit this week.
ZDNet attended Kaspersky's presentaiton of "Behind the Mask" -- our photos of the presentation and its slides offer more details about the malware.
Slides of the presentation have not yet been published online.
IOC information has been included in Kaspersky's detailed technical research paper.
See: Washington Post, Guardian links used to infect The Mask malware victims
The malware's primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research institutions, private equity firms and high-profile activists.
The researchers specifically named The Mask's phishing bait as "The Guardian" and "Washington Post" links sent in targeted emails.
The Mask collects a large list of documents from the infected system, including encryption keys, VPN configurations, SSH keys and RDP files.
There are also several unknown extensions being monitored that Kaspersky has not been able to identify and said "could be related to custom military/government-level encryption tools."
The researchers said, "At the moment, all known Careto command and control servers are offline. The campaign was active [from 2007] until January 2014, but during our investigations the C&C servers were shut down."
Kaspersky added that the malware's most active year for variants was 2012 in its official Mask FAQ, published after the presentation and announcements, at the end of conference day one.
Caption by: Violet Blue
iOS 12.3: How to keep your iPhone safe from hackers and snoopers
Your iPhone and iPad is likely packed with important, valuable, and even sensitive information that you might not want others to be able to access. Here are the steps you should take ...
How to secure your iPhone or iPad from hackers, snoopers, and thieves (iOS 12.2)
Your iPhone and iPad is likely packed with important, valuable, and even sensitive information that you might not want others to be able to access. Here are the steps you should take ...
Plagues then and now: Blood, frogs and locusts are no match for the ravages of 2019
What would a modern-day Plague of Lice look like?
How to protect your Google Account with the Advanced Protection Program
If you want to beef up the security on your Google Account, then the Advanced Protection Program those at risk of targeted attacks – such as journalists, activists, business leaders, ...
Who is really in the driver’s seat? Unknown digital threats to your car’s security
The technology managing the systems in our cars could be open drivers up to the risk of hacking. Find out the most common digital threats to our cars, and how you can reduce your risk. ...
Data leaks: The most common sources
This gallery contains a list of the technologies that have been many times at the heart of a large number of data breaches incidents in the past few years. ...
Facebook's worst privacy scandals and data disasters
Time and time again, Facebook has been slammed for privacy practices and data handling. Here are some of the most prominent, recent scandals of note.
Join Discussion