“Red October” Attack Described by Kaspersky

Kaspersky has recently released a detailed description of the “Red October” attack, an espionage operation involving the infection of hundreds of computers targeting government networks, embassies, and scientific organizations. The victims have mostly been in Eastern Europe, according to Securelist, but computers around the world have been infected, including some in the United States.

The Kaspersky report linked above is fairly technical, but a number of other outlets have provided useful summaries of the analysis of Red October, including this article from TechNewsWorld and Securelist’s article linked above.

Reportedly, the attackers who wrote the code appear to be Russian-speaking. Red October also includes elements that have previously been used in attacks against Tibetan activists and other Asian military and energy targets.