Last week, researchers from the German security company G Data Software reported for the first time on Uroburos, a very complex and sophisticated rootkit designed to steal data from secure installations. It can take control of an infected machine, execute arbitrary commands and conceal its activities from the system owner.
Recently, British cyber experts from BAE Systems unveiled a native Russian malware called 'SNAKE', which has remained virtually unnoticed for at least eight years and has already penetrated a large number of security systems. The Uroburos rootkit was one of the components of this malware.
In a separate investigation, Western intelligence officials discovered another piece of spyware, known as "Turla", that has infected hundreds of government computers across Europe and the United States. The researchers believed that Turla is directly linked to an old malicious campaign known as "Red October", a huge global cyber-espionage operation aimed at diplomatic, military, nuclear and research networks.
"It is a sophisticated malware that is associated with other Russian exploits, uses encryption and targets Western governments. It has Russian traces everywhere," said Jim Lewis, a former US foreign affairs official.
Yesterday, BAE Systems Applied Intelligence analyzed the extent of the "poisonous" character of Snake, which uses new tricks to overcome Windows security, including its ability to hide the victim's web traffic. The new malware has all the features of an extremely advanced cyber operation: it exploits vulnerabilities that depend on user mistakes, and it can also exploit a privilege escalation vulnerability that allows it to bypass 64-bit Windows security, a vulnerability that resembles a well-known "zero-day" exploit.
"Its design shows that attackers have an arsenal of penetration tools and has all the features of an extremely advanced cyber project. The most remarkable thing is the trick used by developers to load unsigned malicious software into Windows 64-bit systems, bypassing the core elements of Windows security," said BAE.
The malware was previously known as Agent.BTZ, which was discovered in 2008 when US defense ministry officials argued that their classified networks had been compromised by an earlier version of the same virus. Since then, many advanced features have been developed and added to make it even more versatile and more sophisticated than it used to be, BAE said.
According to BAE Systems Applied Intelligence, the malware is active mainly in Eastern Europe, but also in the US, the UK and other Western European countries. It can penetrate systems running Windows XP, Vista, 7, and 8.
"Although there has been some awareness of SNAKE malware for a few years, we have not been able to uncover the full scope of its capabilities so far, and the threat presented to us is clearly something that needs to be taken more seriously," said Martin Sutherland, CEO of BAE Systems.
This article was originally published at The Hacker News.