Alwaght- The hacking group earlier known as Strider and Project Sauron has launched a wide-ranging and organized cyber-attack against an array of countries including Iran, Russia, China, India, Sweden, Belgium, and Rwanda. The cyber raid used a highly advanced malware dubbed Remsec. The malware mainly targeted state and military organizations.
Symantec, an American technology company, has stated that the hacking group has been active since 2011 and that it is linked to a state intelligence service. The company added, however, that it had no information at its disposal yet about the country or group behind the cyberattack.
The significant point is that the malware used in the attack mostly targets organizational networks and does not attack personal computers. The spyware can take full control of victim computers, record keyboard input, and steal users' files and data.
Commenting on the activities of the hacking group, Symantec maintained that Strider was capable of producing highly advanced, custom-made malware. The American company continued that the group has been working undetected for five years, with its malware evading detection by cyber radars for that entire period. The espionage aims and the nature of the targets and victims show that the group is very likely state-supported.
Kaspersky Internet Security, another American company, has released some details about the group and its activities, as well as some characteristics of the Remsec spyware. The company said that the hacking group, which Kaspersky calls Project Sauron, has the features of an advanced hacker group. These features include the use of zero-day exploits, the use of undetected malware, infiltration into and spying on big organizations in different countries, stealing data long before it is revealed, and the use of malware that leaves traces only in the computer's RAM and hides its activity on the hard disk drive.
Kaspersky said that in Iran, Russia, and Rwanda alone, over 30 significant state organizations had come under attack by the hacking group. Military, state, scientific and research centers, telecommunications companies, and financial institutions have been victims of the cyber raid.
But Symantec has talked about further targets of the attack, adding that Remsec had strange and close ties to such malware as Regin and Flame, two pieces of spyware that earlier brought Iran under their cyber assault. Therefore, one can make a very good guess as to where this new cyber raid originated. Under the new situation, the cyber confrontation among the powers would take a new form every day.
By Al Waght