The Russian antivirus company Kaspersky has found a new advanced virus, Duqu 2.
Kaspersky says nothing about who is behind it, although they believe it is a country with considerably advanced knowledge.
Journalists have immediately pointed to Israel, and that is certainly a possibility.
Kaspersky writes (among other things):
The Big Picture
“The people behind Duqu are one of the most skilled and powerful APT groups and they did everything possible to try to stay under the radar,” said Costin Raiu, Director of Kaspersky Lab’s Global Research & Analysis Team. “This highly sophisticated attack used up to three zero-day exploits, which is very impressive – the costs must have been very high. To stay hidden, the malware resides only in kernel memory, so anti-malware solutions might have problems detecting it. It also doesn’t directly connect to a command-and-control server to receive instructions. Instead, the attackers infect network gateways and firewalls by installing malicious drivers that proxy all traffic from the internal network to the attackers’ command and control servers.”
If Israel is behind it, they now have a complete collection of all emails sent from the 3 hotels.
And since it is a kernel virus, it should be able to capture data before the data is encrypted!
Obama and Khamenei will probably sleep a little worse tonight 🙂 🙂
Read more about Duqu 2 here and here (VERY technical and very interesting)
Taken from here