10 Linux distros: From different to dangerous
One of the great benefits of Linux is the ability to roll your own. Throughout the years, individuals, organizations, and even nation states have done just that. In this gallery, we're ...
Researchers shared their discovery and research on espionage malware "The Mask" (aka Careto) at the Kaspersky Labs security summit this week. ZDNet took photos of the presentation.
Read More
Read Less
Kaspersky Labs "The Mask"
PUNTA CANA, Dominican Republic -- Kaspersky’s security research team revealed "one of the most advanced" cyber-espionage malware threats “The Mask” (aka Careto) at the 2014 Security Analyst Summit this week.
ZDNet attended Kaspersky's presentaiton of "Behind the Mask" -- our photos of the presentation and its slides offer more details about the malware.
Slides of the presentation have not yet been published online.
IOC information has been included in Kaspersky's detailed technical research paper.
See: Washington Post, Guardian links used to infect The Mask malware victims
The malware's primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research institutions, private equity firms and high-profile activists.
The researchers specifically named The Mask's phishing bait as "The Guardian" and "Washington Post" links sent in targeted emails.
The Mask collects a large list of documents from the infected system, including encryption keys, VPN configurations, SSH keys and RDP files.
There are also several unknown extensions being monitored that Kaspersky has not been able to identify and said "could be related to custom military/government-level encryption tools."
The researchers said, "At the moment, all known Careto command and control servers are offline. The campaign was active [from 2007] until January 2014, but during our investigations the C&C servers were shut down."
Kaspersky added that the malware's most active year for variants was 2012 in its official Mask FAQ, published after the presentation and announcements, at the end of conference day one.
Caption by: Violet Blue
Related Galleries
- 1 of 3
-
-
2019's tech, security, and authentication trends
We take a look at the top tech, cybersecurity, and authentication trends as revealed today by the Duo Security's 2019 Trusted Access Report, which includes data from 24 million devices, ...
-
The world's most famous and dangerous APT (state-developed) malware
A list of the most dangerous, effective, and most well-known malware strains that have been developed by the cyber-security units of various countries' intelligence and military ...
-
Best-paid tech jobs, malware warnings and shadow IT: Research round-up
All the facts and figures that matter to you and your business from the past month in technology news.
-
The Mac malware most likely to attack your PC this year
These are the 10 malware families used the most in new macOS attacks over 2019.
-
Is your phone listening to your conversations? Paranoid's guide to settings you can change
Are you suspicious about your phone? Have a look at these settings to put your mind at ease.
-
HackerOne's top 20 public bug bounty programs
These are the top 20 biggest, fastest, and most lucrative bounty programs on the HackerOne platform.
Join Discussion