Red October (malware)

Operation Red October, or Red October, was a cyberespionage malware program discovered in October 2012 and publicly disclosed in January 2013 by the Russian firm Kaspersky Lab. The malware had reportedly been operating worldwide for up to five years before it was discovered, exfiltrating information ranging from diplomatic secrets to personal data, including data taken from mobile devices. The primary infection vector was spear-phishing email carrying attached documents that exploited vulnerabilities in Microsoft Word and Excel. [1] [2] A web page exploiting an older, already known vulnerability in the Java browser plugin was later found to have been used as well. [1] [3] Kaspersky described Red October as an advanced cyberespionage campaign aimed at diplomatic, governmental and scientific research organizations worldwide.

A map of the extent of the operation was released by Kaspersky Lab, the "Moscow-based antivirus firm that uncovered the campaign." [4]

After the campaign was made public, domain registrars and hosting companies shut down as many as 60 domains that the malware's operators had used to receive the stolen information. The attackers also shut down their own end of the operation.[ citation needed ]

The perpetrator of the operation has not been conclusively determined, but the campaign appears to have been active on some level since at least May 2007. According to Kaspersky Lab, the code contained Russian slang words that would be "generally unknown to non-native Russian speakers." However, the malware also appeared to be built on existing exploits developed by Chinese hackers and previously used against Tibetan activists. [4] Neither linguistic artifacts in code nor reused exploit code is a conclusive indicator of origin, since both can be borrowed from others or planted deliberately.

Operation Red October cyber breaches by country and sector [4]

| Country | Government | Embassy (Diplomatic) | Military | Nuclear / Energy Research | Aerospace | Oil & Gas Industry | Trade and Commerce | Research Institutions | Unknown Victims |
|---|---|---|---|---|---|---|---|---|---|
| United States | No | Yes | No | No | No | No | No | No | No |
| Russia | No | Yes | Yes | Yes | No | No | No | Yes | No |
| Belarus | Yes | Yes | Yes | Yes | No | Yes | No | Yes | No |
| Kazakhstan | Yes | Yes | Yes | Yes | Yes | No | No | No | No |
| United Arab Emirates | Yes | Yes | No | Yes | No | Yes | No | No | No |
| Azerbaijan | No | Yes | No | Yes | No | Yes | No | Yes | No |
| Turkmenistan | Yes | No | No | Yes | No | Yes | No | No | No |
| Afghanistan | Yes | Yes | Yes | No | No | No | No | No | No |
| Moldova | Yes | Yes | Yes | No | No | No | No | No | No |
| France | No | Yes | Yes | No | No | No | No | No | No |
| Spain | Yes | Yes | No | No | No | No | No | No | No |
| Armenia | Yes | Yes | No | No | No | No | No | No | No |
| Cyprus | Yes | Yes | No | No | No | No | No | No | No |
| Iraq | Yes | No | No | No | No | No | No | No | No |
| Brunei | Yes | No | No | No | No | No | No | No | No |
| Luxembourg | Yes | No | No | No | No | No | No | No | No |
| India | No | Yes | No | No | No | No | No | No | No |
| Uganda | No | Yes | No | No | No | No | No | No | No |
| Pakistan | No | Yes | No | No | No | No | No | No | No |
| Oman | No | Yes | No | No | No | No | No | No | No |
| Saudi Arabia | No | Yes | No | No | No | No | No | No | No |
| Italy | No | Yes | No | No | No | No | No | No | No |
| Portugal | No | Yes | No | No | No | No | No | No | No |
| Morocco | No | Yes | No | No | No | No | No | No | No |
| Israel | No | Yes | No | No | No | No | No | No | No |
| Jordan | No | Yes | No | No | No | No | No | No | No |
| Greece | No | Yes | No | No | No | No | No | No | No |
| Ireland | No | Yes | No | No | No | No | No | No | No |
| Belgium | No | Yes | No | No | No | No | No | No | No |
| Germany | No | Yes | No | No | No | No | No | No | No |
| Hungary | No | Yes | No | No | No | No | No | No | No |
| Mauritania | No | Yes | No | No | No | No | No | No | No |
| Congo | No | Yes | No | No | No | No | No | No | No |
| South Africa | No | Yes | No | No | No | No | No | No | No |
| Botswana | No | Yes | No | No | No | No | No | No | No |
| Mozambique | No | Yes | No | No | No | No | No | No | No |
| Tanzania | No | Yes | No | No | No | No | No | No | No |
| Kenya | No | Yes | No | No | No | No | No | No | No |
| Lithuania | No | Yes | No | No | No | No | No | No | No |
| Latvia | No | Yes | No | No | No | No | No | No | No |
| Turkey | No | Yes | No | No | No | No | No | No | No |
| Iran | No | Yes | No | No | No | No | No | No | No |
| Uzbekistan | No | Yes | No | No | No | No | No | No | No |
| Kuwait | No | Yes | No | No | No | No | No | No | No |
| Switzerland | No | Yes | No | No | No | No | No | No | No |
| Lebanon | No | Yes | No | No | No | No | No | No | No |
| Austria | No | Yes | No | No | No | No | No | No | No |
| Georgia | No | Yes | No | No | No | No | No | No | No |
| Bosnia & Herzegovina | No | Yes | No | No | No | No | No | No | No |
| Serbia | No | No | No | No | No | No | No | No | Yes |
| Finland | No | No | No | No | No | No | No | No | Yes |
| Czech Republic | No | No | No | No | No | No | No | No | Yes |
| Slovakia | No | No | No | No | No | No | No | No | Yes |
| Macedonia | No | No | No | No | No | No | No | No | Yes |
| Albania | No | No | No | No | No | No | No | No | Yes |
| Mali | No | No | No | No | No | No | No | No | Yes |
| Australia | No | No | No | No | No | No | No | No | Yes |
| Chile | No | No | No | No | No | No | No | No | Yes |
| Brazil | No | No | No | No | No | No | No | No | Yes |
| Ethiopia | No | No | No | No | No | No | No | No | Yes |
| Bulgaria | No | No | No | No | No | No | No | No | Yes |
| Bahrain | No | No | No | No | No | No | No | No | Yes |

References

  1. McAllister, Neil (16 January 2013). "Surprised? Old Java exploit helped spread Red October spyware". The Register.
  2. "The "Red October" Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies". Kaspersky Lab. 3 March 2014.
  3. Goodin, Dan (15 January 2013). "Red October relied on Java exploit to infect PCs". Ars Technica.
  4. Zetter, Kim (14 January 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others". Wired. Retrieved 25 January 2023.