This hush-hush hacker group has been quietly spying since 2011
Cybersecurity researchers at Symantec have discovered a previously-unknown hacker group they have dubbed 'Strider', which has been infecting organisations and individuals that would be of potential interest to a nation state's intelligence services.

The group's Remsec malware appears to mainly target organisations and individuals in Russia, but has also infiltrated the systems of an airline in China, an embassy in Belgium, and an unspecified organisation in Sweden. The malware is very much designed to spy on its targets: once it has infected a system, it opens a backdoor through which it can log keystrokes and steal files.

It's thought the highly-targeted malware -- only 36 infections in five years -- has been in operation since October 2011, avoiding detection by the vast majority of antivirus systems for almost five years through a number of features designed to ensure stealth.

Several of the components which make up Remsec are built in the form of Binary Large Objects (BLOBs), collections of binary data which are difficult for security software to detect. In addition, the malware's functionality is deployed across a network, which means it isn't stored on disk, another factor which makes it difficult to detect.
