Red October (malware)

Last updated

Operation Red October or Red October was a cyberespionage malware program discovered in October 2012 and uncovered in January 2013 by Russian firm Kaspersky Lab. The malware was reportedly operating worldwide for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including from mobile devices. The primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel. [1] [2] Later, a webpage was found that exploited a known vulnerability in the Java browser plugin. [1] [3] Red October was termed an advanced cyberespionage campaign intended to target diplomatic, governmental and scientific research organizations worldwide.

A map of the extent of the operation was released by the Kaspersky Lab – the "Moscow-based antivirus firm that uncovered the campaign." [4]

After being revealed, domain registrars and hosting companies shut down as many as 60 domains, used by the virus creators to receive information. The attackers, themselves, shut down their end of the operation, as well.[ citation needed ]

The perpetrator of the operation has not been conclusively determined but it appeared to have been in operation on some level since May 2007 at the latest. According to Kaspersky Lab, Russian slang words were found in the code which would be "generally unknown to non-native Russian speakers." However, the program also appeared to be built on existing exploits developed by Chinese hackers and previously used against Tibetan activists. [4]

Operation Red October Cyber Breaches [4]
CountryGovernmentEmbassy (Diplomatic)MilitaryNuclear / Energy ResearchAerospaceOil & Gas IndustryTrade and CommerceResearch InstitutionsUnknown Victims
Flag of the United States.svg United States NoYesNoNoNoNoNoNoNo
Flag of Russia.svg Russia NoYesYesYesNoNoNoYesNo
Flag of Belarus.svg Belarus YesYesYesYesNoYesNoYesNo
Flag of Kazakhstan.svg Kazakhstan YesYesYesYesYesNoNoNoNo
Flag of the United Arab Emirates.svg United Arab Emirates YesYesNoYesNoYesNoNoNo
Flag of Azerbaijan.svg Azerbaijan NoYesNoYesNoYesNoYesNo
Flag of Turkmenistan.svg Turkmenistan YesNoNoYesNoYesNoNoNo
Flag of the Taliban.svg Afghanistan YesYesYesNoNoNoNoNoNo
Flag of Moldova.svg Moldova YesYesYesNoNoNoNoNoNo
Flag of France.svg France NoYesYesNoNoNoNoNoNo
Flag of Spain.svg Spain YesYesNoNoNoNoNoNoNo
Flag of Armenia.svg Armenia YesYesNoNoNoNoNoNoNo
Flag of Cyprus.svg Cyprus YesYesNoNoNoNoNoNoNo
Flag of Iraq.svg Iraq YesNoNoNoNoNoNoNoNo
Flag of Brunei.svg Brunei YesNoNoNoNoNoNoNoNo
Flag of Luxembourg.svg Luxembourg YesNoNoNoNoNoNoNoNo
Flag of India.svg India NoYesNoNoNoNoNoNoNo
Flag of Uganda.svg Uganda NoYesNoNoNoNoNoNoNo
Flag of Pakistan.svg Pakistan NoYesNoNoNoNoNoNoNo
Flag of Oman.svg Oman NoYesNoNoNoNoNoNoNo
Flag of Saudi Arabia.svg Saudi Arabia NoYesNoNoNoNoNoNoNo
Flag of Italy.svg Italy NoYesNoNoNoNoNoNoNo
Flag of Portugal (official).svg Portugal NoYesNoNoNoNoNoNoNo
Flag of Morocco.svg Morocco NoYesNoNoNoNoNoNoNo
Flag of Israel.svg Israel NoYesNoNoNoNoNoNoNo
Flag of Jordan.svg Jordan NoYesNoNoNoNoNoNoNo
Flag of Greece.svg Greece NoYesNoNoNoNoNoNoNo
Flag of Ireland.svg Ireland NoYesNoNoNoNoNoNoNo
Flag of Belgium (civil).svg Belgium NoYesNoNoNoNoNoNoNo
Flag of Germany.svg Germany NoYesNoNoNoNoNoNoNo
Flag of Hungary.svg Hungary NoYesNoNoNoNoNoNoNo
Flag of Mauritania.svg Mauritania NoYesNoNoNoNoNoNoNo
Flag of the Republic of the Congo.svg Congo NoYesNoNoNoNoNoNoNo
Flag of South Africa.svg South Africa NoYesNoNoNoNoNoNoNo
Flag of Botswana.svg Botswana NoYesNoNoNoNoNoNoNo
Flag of Mozambique.svg Mozambique NoYesNoNoNoNoNoNoNo
Flag of Tanzania.svg Tanzania NoYesNoNoNoNoNoNoNo
Flag of Kenya.svg Kenya NoYesNoNoNoNoNoNoNo
Flag of Lithuania.svg Lithuania NoYesNoNoNoNoNoNoNo
Flag of Latvia.svg Latvia NoYesNoNoNoNoNoNoNo
Flag of Turkey.svg Turkey NoYesNoNoNoNoNoNoNo
Flag of Iran.svg Iran NoYesNoNoNoNoNoNoNo
Flag of Uzbekistan.svg Uzbekistan NoYesNoNoNoNoNoNoNo
Flag of Kuwait.svg Kuwait NoYesNoNoNoNoNoNoNo
Flag of Switzerland (Pantone).svg  Switzerland NoYesNoNoNoNoNoNoNo
Flag of Lebanon.svg Lebanon NoYesNoNoNoNoNoNoNo
Flag of Austria.svg Austria NoYesNoNoNoNoNoNoNo
Flag of Georgia.svg Georgia NoYesNoNoNoNoNoNoNo
Flag of Bosnia and Herzegovina.svg Bosnia & Herzegovina NoYesNoNoNoNoNoNoNo
Flag of Serbia.svg Serbia NoNoNoNoNoNoNoNoYes
Flag of Finland.svg Finland NoNoNoNoNoNoNoNoYes
Flag of the Czech Republic.svg Czech Republic NoNoNoNoNoNoNoNoYes
Flag of Slovakia.svg Slovakia NoNoNoNoNoNoNoNoYes
Flag of North Macedonia.svg Macedonia NoNoNoNoNoNoNoNoYes
Flag of Albania.svg Albania NoNoNoNoNoNoNoNoYes
Flag of Mali.svg Mali NoNoNoNoNoNoNoNoYes
Flag of Australia (converted).svg Australia NoNoNoNoNoNoNoNoYes
Flag of Chile.svg Chile NoNoNoNoNoNoNoNoYes
Flag of Brazil.svg Brazil NoNoNoNoNoNoNoNoYes
Flag of Ethiopia.svg Ethiopia NoNoNoNoNoNoNoNoYes
Flag of Bulgaria.svg Bulgaria NoNoNoNoNoNoNoNoYes
Flag of Bahrain.svg Bahrain NoNoNoNoNoNoNoNoYes
Flag of Slovakia.svg Slovakia NoNoNoNoNoNoNoNoYes

References

  1. 1 2 McAllister, Neil (16 Jan 2013). "Surprised? Old Java exploit helped spread Red October spyware". The Register.
  2. "The "Red October" Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies". Kaspersky Lab. 3 Mar 2014. Archived from the original on 2013-01-15.
  3. Goodin, Dan (15 Jan 2013). "Red October relied on Java exploit to infect PCs". Ars Technica.
  4. 1 2 3 Zetter, Kim (January 14, 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others". Wired . Retrieved 25 January 2023.