One of the biggest security firms in the world, Kaspersky Lab, has undergone a never-before-seen attack which, as the company states, has much in common with Duqu malware. This type of malware (dubbed Duqu 2.0) is connected with Stuxnet attacks when several states were targeted, including Iran, India, France and Ukraine back in 2011. Eugene Kaspersky, the founder of the lab and its CEO, was the first one to reveal that the company's network was hacked. "We discovered an advanced attack on our own internal networks. It was complex, stealthy, it explored several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it", said Kaspersky in the blog post. The CEO assures that no data was compromised.
According to the report, the attackers were trying to learn about the current technologies Kaspersky Lab is using for virus detection and were interested in some of the company's products. The source code of the products and other important data remained intact, so Eugene Kaspersky is being quite optimistic and says that the attackers, in fact, suffered much more than the company did. “The cost of developing and maintaining such a malicious framework is colossal. The thinking behind it is a generation ahead of anything we’d seen earlier – it uses a number of tricks that make it really difficult to detect and neutralize. It looks like the people behind Duqu 2.0 were fully confident it would be impossible to have their clandestine activity exposed; however, we did manage to detect it.»
The security firm is currently looking into the issue in order to prevent any further accidents. Nothing certain has been said about the people behind the attack, but the company has already got in touch with law enforcement agencies in several countries urging them to initiate the investigation.
Source: Kaspersky Blog