Hackers behind the long-running espionage campaign dubbed Red October were also using an old Java exploit to capture targets from government agencies and embassies. Read More ..
Earlier this week Russian security firm Kaspersky Lab announced the discovery of a targeted malware campaign aimed at high-profile diplomatic, military and government targets across 39 nations. The victims were primarily in Eastern Europe, however individuals in Western Europe and North America were also targeted.
The attackers had evaded detection for over five years, according to Kaspersky, giving them access to victims' passwords, network configurations and sensitive information on workstations and mobile devices.
While the researchers identified dozens of information-stealing capabilities, Red October's primary attack methods relied on exploits for flaws in Word and Excel documents, most likely sent to targets as email attachments. However, there was no evidence the attackers had used today's most popular attack vector: the web.