Kaspersky Lab, a Russian antivirus firm which is one of the major cyber security research firms in the world admitted on Wednesday that its systems had been hacked.
Eugene Kaspersky, CEO and founder of Kaspersky Lab wrote in a blog post, “We discovered an advanced attack on our own internal networks. It was complex, stealthy, it exploded several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it.”
Kaspersky Lab informed its customer that the advanced attack stayed away from their information and their data is safe. Instead the attack was targeted at Kapersky’s own systems and intellectual property. The company also informed that he loophole that allowed the attack has now been fixed.
According to the Kaspersky Lab researchers the advanced attack used a new generation of a Duqu– a malware which was previously discovered in 2011 after being used in attacks on India, France, Ukraine and Iran. It is supposed to have been developed and used by the spies of Israel.
Kaspersky said this time the malware “Duqu 2.0” was spread using Microsoft’s Software Installer files, which are normally used by the IT staff to install programs on remote computers. They also informed that Duqu 2.0 resides in affected computer’s memory making it difficult to detect.
Costin Raiu, Director of Kaspersky Lab’s global research and analysis team said “This highly sophisticated attack used up to three zero-day [previously unknown] exploits, which is very impressive – the costs must have been very high.”
Kaspersky Lab said “Venues that hosted talks about Iran’s nuclear program were also targeted by the attack.” They also informed that in their investigation additional targets were identified throughout the world, but they did not point anyone instead they urged federal agencies to begin criminal investigations.