A shadowy group of hackers has siphoned intelligence data worldwide from diplomatic, government, and scientific research computer networks for more than five years, including targets in the United States, according to a report from Kaspersky Lab.
Kaspersky Lab began researching the malware attacks in October and dubbed them “Rocra,” short for “Red October.” Rocra uses a number of security vulnerabilities in Microsoft Excel, Word, and PDF document types to infect PCs, smartphones, and computer networking equipment. On Tuesday researchers discovered the malware platform also uses Web-based Java exploits.
It's not clear who is behind the attacks, but Rocra uses at least three publicly known exploits originally created by Chinese hackers. Rocra's programming, however, appears to be from a separate group of Russian-speaking operatives, according to the report from Kaspersky Lab.