| What is the Red October malware? The virus was reportedly used to transmit information from its victims ranging from diplomatic secrets to personal information for five years before it could be detected and eliminated. What was the reason that prevented the virus from being detected for so long? What was its mode of infection? |
Â
As you described, the Red October malware did indeed transmit information ranging from diplomatic secrets to personal information. It did so through attached documents to e-mails, specifically phishing e-mails. Victims were diplomats and government agencies, mostly, as well as science research facilities, and took place worldwide. There is strong evidence that the attackers came from Russian-speaking countries.
The reason why it went on for so long before being detected, was because the attackers were very meticulous. The attacks were very focused and few in number, thereby making it hard to trace. Also, tiers of countless proxy servers were used to hide the final destination of the data that was stolen. Finally, plug-ins were installed on the infected computers, thereby resurfacing even after a computer is disinfected.
