Java under attack – the evolution of exploits in 2012-2013
According to the Kaspersky Lab study «Java under attack – the evolution of exploits in 2012-2013», the number of attacks using Java exploits from September 2012 to August 2013 amounted to 14.1 million – one third more than in the same period in 2011-2012. Of the 14.1 million attacks detected using Java exploits, most happened in the second half of the study period – over 8.54 million attacks were registered from March to August 2013, up 52.7% on the previous six months.
Kaspersky Lab’s security research team discovered “The Mask” (aka Careto), an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations since at least 2007. What makes The Mask special is the complexity of the toolset used by the attackers. This includes an extremely sophisticated malware, a rootkit, a bootkit, Mac OS X and Linux versions and possibly versions for Android and iOS (iPad/iPhone).
Kaspersky Lab’s team of experts discovered a cyber-espionage operation exposing a new emerging trend: appearance of small groups of cyber-mercenaries available for hire to perform surgical hit and run operations. The APT group focuses on targets in South Korea and Japan, hitting the supply chain for Western companies. The operation started in 2011 and has increased in size and scope over the last few years. Based on the profiles of identified targets, the attackers appear to have an interest in the following sectors: military, shipbuilding and maritime operations, computer and software development, research companies, telecom operators, satellite operators, mass media and television.
Kaspersky Lab identified operation “Red October”, an advanced cyber-espionage campaign targeting diplomatic, governmental and scientific research organizations in several countries for at least five years. The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America.