Pages

Tuesday, 9 August 2016

'Project Sauron' malware hidden for five years

Sauron
The malware has been nicknamed Project Sauron after references to JRR Tolkien's dark lord were found in the code
A sophisticated form of malware known as Project Sauron went undetected for five years at a string of organisations, according to security researchers.

The malware may have been designed by a state-sponsored group. It can disguise itself as benign files and does not operate in predictable ways, making it harder to detect.

Sauron malware code
Project Sauron may have been created by a state-sponsored hacker group, researchers believe
Experts from Kaspersky Lab and Symantec said it allows the attacker to spy on infected computers. In September last year, Kaspersky first detected the malware on an unspecified "government organisation" network.


Since then, the firm claims to have found evidence of Project Sauron at more than 30 organisations in Russia, Iran and Rwanda. These were generally government, scientific, military, telecoms and financial organisations, according to Kaspersky.

Separately, Symantec said it had found the malware in other countries, including at an airline in China and an embassy in Belgium.