Login

Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Researchers uncover cyber spying campaign dubbed 'The Mask'

Reprints
Spain France Latin America Russia United Kingdom Brazil More + Less -

(Reuters) — A computer security software firm has uncovered what it calls the first cyber espionage campaign believed to be started by a Spanish-speaking country, targeting government agencies, energy companies and activists in 31 countries.

Dubbed "The Mask," the campaign had operated undetected since 2007 and infected more than 380 targets before it stopped last week, Moscow-based Kaspersky Lab said on Monday.

The firm declined to identify the government suspected to be behind the cyber spying, but said it had been most active in Morocco, followed by Brazil, the United Kingdom, France and Spain.

The suspected involvement of a Spanish-speaking nation is unusual as the most sophisticated cyber spying operations uncovered so far have been linked to the United States, China, Russia and Israel. Those nations have been said to be behind the Duqu, Gauss and Flame malware, for example.

Kaspersky Lab said the discovery of The Mask suggests that more countries have become adept in Internet spying. The firm's researchers only came across the operation because it infected Kaspersky's own software.

"There are many super-advanced groups that we don't know about. This is the tip of the iceberg," Costin Raiu, director of Kaspersky's global research team, said in an interview on the sidelines of a conference sponsored by his company in the Dominican Republic.

Mr. Raiu said The Mask hit government institutions, oil and gas companies and activists using malware that was designed to steal documents, encryption keys and other sensitive files, as well as take full control of infected computers.

The operation infected computers running Microsoft Corp.'s Windows and Apple Inc.'s Mac software, and likely mobile devices running Apple's iOS and Google Inc.'s Android software, according to Kaspersky Lab.

There was no immediate comment from the companies.

Kaspersky Lab said it worked with Apple and other companies last week to shut down some of the websites that were controlling the spying operation. The firm named the operation "The Mask" for the translation of the Spanish word "Careto," which appears in the malware code.

Most Read in Risk Management

Sign up for Daily Briefing, the free email newsletter from Business Insurance.

About

Advertise

Reprints and Licensing

Resources

. Privacy PolicyTerms of Use

COPYRIGHT © 2024 BUSINESS INSURANCE HOLDINGS

Member, Beacon International Group, Ltd.