Red October
-
First known sample
2007 -
Discovery
2013 -
Number of targets
100-1000 -
Current status
Inactive since 2014 -
Type
Complex cyberattack platform -
Targeted platforms
Windows , Windows Mobile -
TOP targeted countries
Eastern Europe , Western Europe -
Connected attacks
More about the Red October campaign, its targets, techniques and tools involved
-
The way of propagation
Exploits , Social engineering -
Purpose/Functions
Cyberespionage -
Special features
This multi-functional attack platform included several extensions and malicious files designed to quickly adjust to different system configurations and harvest intelligence from infected machines.
-
Targets
Academia/Research , Aerospace , Diplomatic organizations/embassies , Government entities , Military , Trade and commerce -
Artefacts/Attribution
The exploits appear to have been created by Chinese hackers. The Rocra/Red October malware modules have been created by Russian-speaking operatives.
-
Description
A high-level, cyber-espionage campaign that has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations in order to gather data and intelligence from mobile devices, computer systems and network equipment. Those targeted are primarily from organizations in Eastern Europe, areas of the former USSR, and Central Asia. Initial infection is through attachments to emails.