Duqu’s Revenge: Russian Cybersecurity Firm Kaspersky Hacked
"This highly sophisticated attack used up to three zero-day exploits, which is very impressive -- the costs must have been very high," Costin Raiu, director of Kaspersky's global research and analysis team, said in a statement.
The sneaky malware used to spy on Kaspersky's systems sits patiently in a computer's memory and never writes any files to disk. That makes it particularly difficult to detect, though obviously not impossible. According to Kaspersky, the attack is in some way linked to the same unknown hackers who built Duqu, a Trojan that was used to spy on government PCs in Iran, India, France, and Ukraine several years ago.
As with the last time Duqu made the rounds, the hackers responsible took advantage of flaws in Microsoft software. Hackers previously exploited Microsoft Word, and this time the malware weaseled its way into Kaspersky's systems via Microsoft Installer files.
Kaspersky maintains that it discovered the malware early enough that no important files were compromised.