New spyware virus, with Iranian characteristics, ranging more than 50 specific targets in recent months, and stealing from them to date information
Aviv Raff, CTO of Skolrt, explains that malware targeting specific people, through presentations and other files infected, and when the victims were opened on computers to steal information from their computers began. It is not just access to the files, but also by recording keystrokes, screenshots frequent (includes footage of IM conversations), and voice recording computer. in a press release it distributed Kaspersky says that those who range are "business people who have worked on projects related to national infrastructure - including, economic institutions in Israel, the computer engineering students and computers governments around the Middle East. "clarify again that the malware is still active.
However, the analysis of Skolrt, most infections were carried out in Iran. Now aware of the company to 387 computers infected Iranian, Israeli and only 54 computers. In addition, 14 computers were also identified glued in Afghanistan, 6 and 4 UAE Saudi Arabia.
Kaspersky and Skolrt agree that it is not technologically sophisticated virus, that if such a project based on "social engineering" - injecting the victim computer by a custom face, takes into account the victim's occupation, their personal information and hobbies.
It is still unclear whether the attack is an attempt to present government-backed Iranian spy network people - Stuxnet malware more Iranian response, Duqu and Flame exposed the past two years.
Recall that Stoksnt intended to harm the Iranian centrifuges, Dooku stole information organizations in the country and Flame watched the computers throughout the Middle East. All three are suspected of planning and military intelligence organizations, with a spotlight on Israel and the U.S., but never proven direct link between malware and one or another country.
0 comments:
Post a Comment