It is thought that the sophistication of malware could only be achieved by some country’s intelligence agency. The Malware has been dubbed ‘Remsec’, ‘Strider’, which was Aragorn’s nickname in the Lord of the Rings.
It is also being referred to as ‘ProjectSuaron’. Symantec says the virus seems to be part of a country’s effort to hack into over 36 computers spanning not less than 7 organizations all over the globe from 2011.
Some of the attacks were directed towards some individuals in Russia, an airline in China, an anonymous organization in Sweden, and an embassy in Belgium. The list also includes scientific research facilities, military facilities, telecom companies, and financial organisations.
The hacking campaign has been ongoing from 2011 but it was programmed to use unfamiliar methods of operation, and so security experts couldn’t notice it. It was only unearthed when Kaspersky was hired by a certain governmental organisation to have a look at its system since its network was showing unfamiliar activity.
The virus can span networks, moving into even those systems separated by air gapping. It could get passwords, Ip addresses, configuration files, and all sorts of computer data.
After it has gathered the data, it places it in a USB storage device that the operating system identifies as approved. It has been estimated that the malware required some millions of dollars to run.
The responsible government has not been revealed, but the cybersecurity firms acknowledged that the virus resembled an older creation that was used by the state to unleash cyber attacks.
This includes Flamer, a program that is connected to Stuxnet. Stuxnet was the worm that was developed by the United States in collaboration with Israel to attack Iran’s’ nuclear program.