A new report by Kaspersky Lab’s Global Research and Analysis Team, entitled “Red October” Diplomatic Cyber Attacks Investigation, presents a detailed technical analysis of a series of targeted attacks against diplomatic, governmental and scientific research organizations in different countries, mostly in Eastern Europe, former USSR member states and Central Asia.
However, attacks did include the United States and Western European countries, such as France.
The question of who is behind the attack is not addressed in the report. The odd thing is that China is not mentioned as a victim of the attacks in the report. Very puzzling.
According to the report, the main objective of the attackers was to gather intelligence from the compromised organizations, with targets that included computer systems, personal mobile devices and network equipment.
The earliest evidence indicates that the cyber-espionage campaign has been active since 2007 and is still active at the time of writing (January 2013). In addition, registration data used for the purchase of several Command & Control (C&C) servers and unique malware filenames related to the current attackers hint at an even earlier period of activity, dating back to May 2007.