When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Report says Russia may be gathering intelligence with malware

News Editor Neowin · · Hot! with 10 comments

Image via ewallpapers.eu

A new report by California-based cyber security firm Fire Eye says that a well known group of malware may have been developed and deployed by the Russian government to collect sensitive intelligence on militaries, governments, and other groups of interest to Russia.

The report, released on Tuesday, notes that the malware group is already well known within the cyber security community -- and that it differs from other malware in that it doesn't target financial information or intellectual property that may be useful to a private citizen who wants to turn a profit. Instead, the malware targets intelligence on defense and geopolitical issues of various groups which Russia has an interest in: several defense and internal affairs ministries in Georgia, neighboring countries including Poland and Hungary, and Western security organizations including NATO and OSCE.

Fire Eye says that through its threat assessment, it has determined several factors aside from the type of information targeted that would indicate a Russian government origin. The malware typically has a default language setting of Russian, and it is developed during working hours in Moscow and St. Petersburg. 

"While we don't have pictures of a building, personas to reveal, or a government agency to name," the firm said in its threat report, "what we do have is evidence of long-standing, focused operations that indicate a government sponsor - specifically, a government based in Moscow."

Earlier this month, a report by another security firm detailed how Russia used a Windows zero-day exploit in a similar manner, to spy on organizations including NATO, the Ukrainian government, and various European telecom companies. As with this group of malware, the Windows zero-day exploit targeted only information which would be useful to the Russian government, and originated from major Russian cities. 

The Russian government has also received significant flak for its approach to technology and cyber security in the past, including passing a bill which would require personal data of Russian citizens to be stored on servers within the country, and whipping major companies like Google, Twitter, and Facebook to comply with the laws or face a nationwide ban.

Source: Fire Eye

Report a problem with article
Next Article

Microsoft expands Office 365 APIs for all mobile platforms and web

Previous Article

TechSpot: HIS Liquid-Cooled R9 290X Hybrid IceQ Review

Join the conversation!

Login or Sign Up to read and post a comment.

10 Comments - Add comment