Firm Uncovers Advanced Government-Hunting Virus
Kaspersky calls it 'Careto'
By Kevin Spak, Newser User
Posted Feb 11, 2014 3:24 PM CST

(Newser) – A stunningly advanced malware threat has been targeting government institutions, diplomatic offices, energy companies, private equity firms, activists, and more for five years now, infecting at least 380 unique victims across 31 countries, Kaspersky security researchers have revealed. They're calling the virus "Careto" (meaning "mask" or "ugly face"), because the word crops up in some of the code. The hackers' professionalism and care in covering their tracks "make us believe this could be a state-sponsored operation," the researchers write.

Computers are infected via spearphishing emails, which point users to seemingly innocuous links to reputable sites like YouTube or the Washington Post. Once the device—be it PC, Mac, or even smartphone—is infected, the unwitting user is quickly redirected to the site they assumed they were clicking on. The virus has been most active in Morocco and Brazil, followed by the UK, Spain, France, Switzerland, Libya, the US, and Iran. Kaspersky identified a Paris-based firm called Vupen as being responsible for one of the exploits the Mask employs. Vupen discovered the Flash flaw in a 2012 hacking competition, but, in a controversial move, chose not to reveal it, saying it would sell it instead. Asked about the revelation, the company told Reuters, "Believe it or not, but there are many other companies selling" such exploits.

Comments
Showing 3 of 16 comments
Ezekiel 25:17
Feb 12, 2014 11:16 PM CST
Snowden seems to have settled in very nicely in Kaspersky's luxury apartment in Moscow as he continues to give the FSB any information they need to hack US systems. If anything good has come of this, it gives the NSA a look into how Moscow may hack their own systems and provide a countermeasure that could wind up backfiring on other FSB agents. The nice part is the NSA knows what Snowden knows at the point he left. If you retool your entire infrastructure at that point of knowledge you can isolate attacks based on his level of intelligence, as it were.
TwoSheds
Feb 11, 2014 9:39 PM CST
Governments need a way to justify their bloated budgets so they create stuff like this.
cornelison
Feb 11, 2014 4:09 PM CST
If you're on a Russian site that doesn't offer a link to display English, get off the site. If you click on a link you may see porn that has a virus attached. No, I wasn't looking for porn.