In Kaspersky looks behind The Mask I commented on Kaspersky’s teaser for its conference revelations about the malware it calls The Mask. The company has now released a hefty 64 page description as a PDF: Unveiling “Careto” – The Masked APT.
The report comments:
What makes “The Mask” special is the complexity of the toolset used by the attackers. This includes an extremely sophisticated malware, a rootkit, a bootkit, 32- and 64-bit Windows versions, Mac OS X and Linux versions and possibly versions for Android and iPad/iPhone (Apple iOS).
Symantec has a brief summary in an article by Stephen Doherty on The Mask. And according to a SecurityWeek article, Kaspersky’s Costin Raiu reported that the attackers shut down their operation within four hours of the publication of Kaspersky’s teaser blog.
In case you were wondering, the mysterious “(human) language not usually associated with APTs” turns out to be Spanish.
Small Blue-Green World