SoylentNews is people

posted by LaminatorX on Thursday July 02 2015, @09:55AM
from the Le-Warez-du-Mal dept.

Security researchers at ESET in Bratislava, Slovakia have published an analysis of another apparently state-sponsored cyber-espionage tool used to target computers in Iran—and potentially elsewhere. The malware, also recently mentioned by Kaspersky researchers, was named "Dino" by its developers and has been described as a "full featured espionage platform." And this advanced persistent threat malware, according to researchers, might as well come with a "fabriqué en France" stamp on it.

Based on analysis of Dino's code from a sample that infected systems in Iran in 2013, "We believe this malicious software has been developed by the Animal Farm espionage group, who also created the infamous Casper, Bunny, and Babar malware," ESET's Joan Calvet wrote in a blog post today. The Casper malware was part of a large-scale attack on Syrian computers last fall. "Dino contains interesting technical features, and also a few hints that the developers are French speaking," Calvet noted.

Other members of the "Animal Farm" malware family have been attributed to French intelligence agencies by researchers—including a 2011 analysis by Canada's Communications Security Establishment revealed by documents leaked by former National Security Agency contractor Edward Snowden. Dino shares attributes with the other members of the "Animal Farm" malware family and improves on many of the techniques of "Babar," the previous generation intelligence-gathering software implant.


  • (Score: 4, Funny) by jimshatt on Thursday July 02 2015, @10:59AM

    You can smell the fromage that is French code from a kilometer away. Because they use variable names like colorbackground instead of backgroundcolor, etc. Somehow the bratwurst that is German code is also noticeable, but I can't really put my Zeigefinger on ze problem there. Oh, and Spanish (¿Paella code?), don't get me started! Of course, in Italy they serve the best spaghetti code.
  • (Score: 1) by ticho on Thursday July 02 2015, @11:19AM

    ... and now I'm hungry.