Kaspersky Lab and Symantec, two leading security providers, have discovered a sophisticated form of malware that went undetected for five years. It’s called Project Sauron, a reference to JRR Tolkien’s dark lord.
As BBC News reports, Project Sauron is able to disguise itself in a wide variety of ways, for example, by naming files similar to those published by companies like Microsoft, and it does not always use the same methods for sending data back to the attacker.
One aspect of Project Sauron that demonstrates the malware's sophistication is its ability to steal sensitive data - such as encryption keys - from computers that are not actually connected to the internet. This is known as "jumping the air-gap".
The malware can steal files, log all keystrokes and open a "back door" allowing wide-ranging access to the compromised computer, according to Symantec.
"These are very stealthy, insidious attacks that can lurk in the background for years gathering information," Costin Raiu, Kaspersky’s director of threat research, told the BBC.
"The attackers clearly understand that we as researchers are always looking for patterns," Kaspersky Lab notes in its report. "Remove the patterns and the operation will be harder to discover."
Read the full article here.