
Kaspersky Lab Hacked

 

One of the leading anti-virus software providers has revealed that its own systems were recently compromised by hackers.

Kaspersky Lab said it believed the attack was designed to spy on its newest technologies.

 

Kaspersky Lab has apparently been hacked. The breach was first detected in early spring. Kaspersky says that the attackers accessed files but the files were not critical. The malware does not write to any disk, but rather the computer's memory. The hack consisted of 3 previously unknown techniques and is one of the most sophisticated hacks ever. 

 

 

Kaspersky Lab said that it had detected the breach in the "early spring", and described it as "one of the most sophisticated campaigns ever seen".

The malware does not write any files to disk, but instead resides in affected computers' memory, making it relatively hard to detect.

 

 

 

"This highly sophisticated attack used up to three zero-day [previously unknown] exploits, which is very impressive - the costs must have been very high," commented Costin Raiu, director of Kaspersky Lab's global research and analysis team.

 

I am personally curious as to the source of attack. The funding for such an attack must have been incredible. 

Sources: 

http://www.bbc.com/news/technology-33083050

 

https://blog.kaspersky.co.uk/kaspersky-statement-duqu-attack/


Probably the NSA or GCHQ trying to find out if Kaspersky is already onto the successor for Regin. 

 

InB4 they blame Russia, China or North Korea.


Was this the Duqu 2.0 attack that they reported on earlier today? The one that was used to spy on the Iran nuclear agreement talks?

Ketchup is better than mustard.

GUI is better than Command Line Interface.

Dubs are better than subs


Was this the Duqu 2.0 attack that they reported on earlier today? The one that was used to spy on the Iran nuclear agreement talks?

 

yes


Probably the NSA or GCHQ trying to find out if Kaspersky is already onto the successor for Regin. 

 

InB4 they blame Russia, China or North Korea.

Probably not China, because they are more interested in the low hanging fruit - faster profits.

 

But Russia?  No reason why it wouldn't be them, and plenty of reasons why it would.  You do know they (Kaspersky) are based in Moscow?

 

It is also entirely possible the whole thing is a false flag operation by Kaspersky looking for any change in access patterns/hack attempts after they released the report.


3 Zero day exploits. Zero day exploits are like the nukes of the programming world, and 3 of them is pretty significant. The last time there was an attack with that many zero day exploits (4 to be exact) it was the Stuxnet virus that destroyed a bunch of Iran's nuclear centrifuges.

I am conducting some polls regarding your opinion of large technology companies. I would appreciate your response. 

Microsoft Apple Valve Google Facebook Oculus HTC AMD Intel Nvidia

I'm using this data to judge this site's biases so people can post in a more objective way.


Damn, and I use them since my school gives them out for free for current students.


Damn, and I use them since my school gives them out for free for current students.

They said that the information the hackers obtained does not affect users. You should still be okay. 


Damn, and I use them since my school gives them out for free for current students.

 

Kaspersky are good enough that they were able to detect it in their own system heuristically, before any real harm was done. Other companies like Symantec are probably infected without knowing it. I'm kidding of course, Symantec have a definition for it already.

R9 3900XT | Tomahawk B550 | Ventus OC RTX 3090 | Photon 1050W | 32GB DDR4 | TUF GT501 Case | Vizio 4K 50'' HDR

 

