“Careto”: Seven Years of Bad APT

What could have stopped cyber espionage malware “Careto” from remotely spying on over 380 unique victims in 31 countries — for 7 years?

The security industry’s most recent discovery follows the pattern of most APT attacks: a piece of cyber-espionage malware that operated stealthily for seven years without being detected. “Careto”, which is Spanish slang for a mask or an ugly face, may have inadvertently surpassed many of its predecessors through the sheer length of time it managed to fly under the radar of the hundreds of organizations it successfully infected and breached.

Careto’s unexpected source, a Spanish-speaking nation-state, was only one of the surprises it had in store. Security researchers from Kaspersky Lab presented a detailed technical report about Careto that leaves little to the imagination. The malware, which was described as government-grade APT code, was designed to target victims from a defined list of top-level categories, including government institutions, diplomatic offices and embassies, energy, oil and gas, research institutions and activists, to name a few.

