One of the best security experts in the field, the guys over at Kaspersky Lab, got hacked this Wednesday. They say that the method employed was so complex and stealthy that they believe the hackers originate from a government agency.
Kaspersky stated that no services were affected or data compromised prior to the attack, but that does not mean the hack itself is to be taken lightly. They named the attack Duqu 2.0, an upgraded version of the original Duqu attack from September 2011.
The original Duqu attack employed a variety of malware delivered through the so-called Stuxnet worm. The latest attack on Wednesday is also believed to take advantage of some zero-day vulnerabilities found in Microsoft’s operating system.
Kaspersky said that the hackers were interested in proprietary information such as ongoing investigations, detection methods and analytical capabilities. In addition, the company found that the attackers previously spied on other targets such as participants in the international negotiations on Iran’s nuclear program and people attending the 70th anniversary event of the liberation of the Auschwitz concentration camp.
The investigation is still ongoing, but Kaspersky said it will take only a few weeks to figure out what the purpose of these attacks may be. However, the hackers may not be able to pull this off any longer, since Kaspersky already added a Duqu 2.0 detection tool in its latest update.
Kaspersky has also expressed no interest in getting involved in any political matter, but has nevertheless notified relevant law enforcement agencies of the attack. The company also forwarded the zero-day exploit to Microsoft so that Microsoft may patch it in future updates.
Thank you Sci-Tech Today for providing us with this information