Duqu’s Revenge: Russian Cybersecurity Firm Kaspersky Hacked

Leading antivirus firm Kaspersky Lab said that it recently suffered a security breach involving at least three techniques that it had never seen before. The AV company described the attack as "one of the most sophisticated campaigns ever seen," though it believes it was able to detect the intrusion at an early stage, thereby mitigating the damage.

"This highly sophisticated attack used up to three zero-day exploits, which is very impressive -- the costs must have been very high," Costin Raiu, director of Kaspersky's global research and analysis team, said in a statement.


The sneaky malware used to spy on Kaspersky's systems sits patiently in a computer's memory and never writes any files to disk. That makes it particularly difficult to detect, though obviously not impossible. According to Kaspersky, the attack is in some way linked to the same unknown hackers who built Duqu, a Trojan virus that was used to spy on government PCs in Iran, India, France, and Ukraine several years ago.

As with the last time Duqu made the rounds, the hackers responsible took advantage of flaws in Microsoft software. Hackers previously exploited Microsoft Word, and this time the malware weaseled its way into Kaspersky's systems via Microsoft Installer files.

Kaspersky maintains that it discovered the malware early enough that no important files were compromised.