We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Russia and allies targeted by huge malware campaign

Over 1,400 computers infected by document-stealing malware

Trend Micro has uncovered evidence of a major targeted malware attack that has managed to infect over 1,400 computers in Russia and its former Soviet satellite states.

After penetrating the command and control servers connected to a gang using the widely-circulating 'Lurid' downloader malware toolkit, the company discovered a list of 47 different victims, 1,465 infected PCs by IP address, across 61 different countries.

Overwhelmingly, the infected systems were in former Soviet republics, with Russia accounting for over a thousand, with smaller numbers in Kazakhstan, Ukraine, Uzbekistan, Belarus, Kyrgystan, plus some in other states such as Vietnam, India and China.

The breadth of the attack across this geographical region strongly suggests a targeted campaign as does the victim types identified which included "diplomatic missions, government ministries, space-related government agencies and other companies and research institutions."

Trend was not able to identify the organisation or state behind the attacks but the vector - exploiting a range of known software vulnerabilities for common apps such as Adobe's Reader - is identical to attacks that have been made public elsewhere in the world in recent times.

"Although our research didn't reveal precisely which data was being targeted, we were able to determine that, in some cases, the attackers attempted to steal specific documents and spreadsheets," said Trend's note on the discovery.

The use of the Lurid toolkit plus large numbers of old vulnerabilities puts the attacks in a less sophisticated category to the Night Dragon campaign uncovered by McAfee earlier this year which had used a mixture of zero-day malware and direct server hacking to target Western energy companies.


IDG UK Sites

5 reasons not to wait for the Apple Watch: Why you shouldn't buy the iWatch

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How Emotional Debt is damaging digital design

IDG UK Sites

iPhone 6 review: Apple's new iPhone is bigger, better & faster than ever before