The BBC reports:
One of the leading anti-virus software providers has revealed that its own systems were recently compromised by hackers.
Kaspersky Lab said it believed the attack was designed to spy on its newest technologies.
It said the intrusion involved up to three previously unknown techniques.
The Russian firm added that it was continuing to carry out checks, but believed it had detected the intrusion at an early stage.
Although it acknowledged that the attackers had managed to access some of its files, it said that the data it had seen was "in no way critical to the operation" of its products.
An Anonymous Coward also provides an article from Der Spiegel, which says:
Analysts at Kaspersky's Moscow headquarters had already been familiar with important features of the malware that was being used against them. They believe it is a modernized and redeveloped version of the Duqu cyber weapon, which made international headlines in 2011. The cyber weapons system that has now been discovered has a modular structure and seems to build on the earlier Duqu platform.
In fact, says Vitaly Kamluk, Kaspersky's principal security researcher and a key member of the team that analyzed the new virus, some of the software passages and methods are "very similar or almost identical" to Duqu. The company is now referring to the electronic intruder as "Duqu 2.0." "We have concluded that it is the same attacker," says Kamluk.
When asked who they believe could be behind the software, Kaspersky officials are typically vague -- which is the typical attitude shown by international IT security vendors when it comes to the question of attribution. The modular Duqu arsenal is "extremely complex and very, very expensive," says Kamluk. "Cyber criminals are not behind this. We are probably dealing with nation-state attackers." As is often the case in the difficult search for the true originators of cyber attacks, which technology can easily cover up, the targets themselves could provide the best clues about who may have perpetrated the attack.
It also suggests that Israel could be behind the attack, although this seems rather speculative.
(Score: 0) by Anonymous Coward on Thursday June 11 2015, @05:37PM
What a ringing endorsement for their products.
(Score: 3, Interesting) by Wootery on Thursday June 11 2015, @05:59PM
I view it the other way round: it demonstrates how hard it is to be secure.
Last time I checked, their anti-virus product was among the best, when it comes to actually catching viruses.
(Score: 1) by dj245 on Thursday June 11 2015, @06:51PM
Last time I checked, their anti-virus product was among the best, when it comes to actually catching viruses.
I always like to check claims like these. Kaspersky does seem to be consistently among the best [av-comparatives.org]. The depressing thing is that a 99.4% catch rating means that 1 out of every 166 threats gets through, at least until that one threat is recognized. And there are a lot of threats out there. You could even run multiple malware protections but eventually statistics might catch up to you.
(Score: 0) by Anonymous Coward on Thursday June 11 2015, @07:08PM
It's part of the windoze tax.
(Score: 2) by Wootery on Saturday June 13 2015, @01:16AM
You could even run multiple malware protections but eventually statistics might catch up to you.
They might not get along together, and even if they did, the few that slip past Kaspersky are likely to also be getting past most of their rivals as well. The overlap on false-negatives is probably pretty high.