Two years ago, Kaspersky Lab discovered RedOctober, a cyber-espionage operation targeting diplomatic embassies. Two years down the line the company believes that RedOctober is back and operating under the name Cloud Atlas.
Two years ago, Kaspersky Lab published research into RedOctober, a complex cyber-espionage operation targeting diplomatic embassies worldwide. After this announcement, in January 2013, the RedOctober operation was promptly shut down and the network of C&Cs was dismantled. However, Kaspersky Lab believes that RedOctober is back and is in fact being disguised as Cloud Atlas.
According to Kaspersky Lab’s Global Research & Analysis Team, what usually happens with these big operations is that, considering the huge investment and number of resources behind them, they don’t just “go away” forever. Rather, the group goes underground for a few months, redesigns the tools and the malware, and resumes operations.
Since January 2013, Kaspersky Lab has been on the lookout for a possible RedOctober comeback and believes the operation has returned under the guise of Cloud Atlas. For details of the discovery, see: http://securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/
Kaspersky Lab products detect the malware from the Cloud Atlas toolset.