According to the latest reports, the computer security researchers of the well-known security firm, ESET have published a new report revealing a new spyware that has been used by unknown hackers during the last 5 years to spy on specific targets located in Ukraine and Russia.
This Spyware Turns Your Computer Into A Video Camera And Steals Secrets
The computer security researchers of the well-known security firm, ESET have published a new report revealing a new spyware that has been used by unknown hackers during the last 5 years to spy on specific targets located in Ukraine and Russia.
Although it has not been proven the authorship of this malware, called InvisiMole, ESET revealed that it has been used as a tool for computer surveillance probably by hackers specialized in government objectives or with very large financial motivations.
This claim is based on the fact that spyware has not been widely used, and is barely present in a dozen computers. However, being such sophisticated malware, researchers believe that it could not have been created by an ordinary hacker.
In addition to not knowing who is behind InvisiMole, ESET does not know more about how it spreads. In this sense, Zuzana Hromcova, author of the security report of the firm, revealed:-
“Our telemetry indicates that the hackers behind this malware have been active at least since 2013, but the computer espionage tool was never analyzed or detected until the ESET products detected them in compromised computers in Ukraine and Russia.”
Hromcova explains that like other types of malware aimed at high government entities, InvisiMole leaves no trace of its author. Only one file from October 2013 has been found to detect the malware, and all other compilation dates have been eliminated or retempered by arbitrary numbers, giving only a few clues about its timeline.
According to the researchers, spyware has two attack modules, one of which is responsible for searching and stealing data, and the other, more developed, extracts proxy settings from browsers and use those settings to send data to a server. Even it command and control in case the local network configuration prevents access to the master server.
In this sense, some of the commands in this module can turn on the user’s microphone, record audio, encode it as mp3 and send it to the external InvisiMole server. Also, the malware is also able to turn on the user’s webcam and take screenshots, monitor local drives, retrieve system information and modify operating system settings.
This second module is so advanced that it includes support for executing remote shell commands, manipulating registry keys, executing files, obtaining lists of local applications, loading drivers, disabling the Windows firewall, and recording audio and capturing images as well as the first module.
Finally, ESET researchers claimed that it is one of the most powerful spyware seen till to the date, and it does not seek to affect ordinary users, but its purpose is government spying.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.
