![]() However, considering that victim information has been collected only for some command-and-control servers and sinkholed hosts, the total number of affected countries and unique victims can be much higher. Infections have been observed in: Algeria, Argentina, Belgium, Bolivia, Brazil, China, Colombia, Costa Rica, Cuba, Egypt, France, Germany, Gibraltar, Guatemala, Iran, Iraq, Libya, Malaysia, Mexico, Morocco, Norway, Pakistan, Poland, South Africa, Spain, Switzerland, Tunisia, Turkey, United Kingdom, United States and Venezuela.īased on an identification algorithm we developed, we counted over 380 unique victims between over 1000+ IPs. ![]() The main targets of Careto fall into the following categories:Īlthough the exact number of victims is unknown, we observed victims at more than 1000 IP addresses in 31 countries. Who are the victims? / What can you say about the targets of the attacks? The name “Mask” comes from the Spanish slang word “Careto” (“Mask” or “Ugly Face”) that the authors included in some of the malware modules. This and several other factors make us believe this could be a state-sponsored operation. This puts it above Duqu in terms of sophistication, making The Mask one of the most advanced threats at the current time. The Mask also uses a customized attack against older Kaspersky Lab products in order to hide in the system. This includes an extremely sophisticated piece of malware, a rootkit, a bootkit, Mac OS X and Linux versions and possibly versions for Android and iPad/iPhone (iOS). What makes The Mask special is the complexity of the toolset used by the attackers. The Mask is an advanced threat actor that has been involved in cyber-espionage operations since at least 2007.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |