Tag Archives: Belarus

Former Soviet Bloc, Allies, Under Lurid Attack

Trend Micro researchers David Sancho and Nart Villeneuve have written up an interesting attack they’ve dubbed LURID on diplomatic missions, government ministries, space-related government agencies and other companies and research institutions in the former Soviet bloc and its allies. (Only China was not a Soviet bloc member or ally in the list, and it was the least affected by the attack.)

Although they don’t say, or speculate, about the attacker, it’s not hard to conclude who might be particularly interested in what the attacks are able to dig up:

“Although our research didn’t reveal precisely which data was being targeted, we were able to determine that, in some cases, the attackers attempted to steal specific documents and spreadsheets.”

Russia had 1,063 IP addresses hit in the attacks; Kazakhstan, 325; Ukraine, 102; Vietnam, 93; Uzbekistan, 88; Belarus, 67; India, 66; Kyrgyzstan, 49; Mongolia, 42; and China, 39.

The campaign has been going for at least a year, and has infected some 1,465 computers in 61 countries with more than 300 targeted attacks.

Dark Reading quotes Jamz Yaneza, a research director at Trend Micro, as saying it’s probably a case of industrial espionage. But who by? “This seems to be a notable attack in that respect: It doesn’t target Western countries or states. It seems to be the reverse this time,” Yaneza says.

Other tidbits from the Dark Reading report: Definitely not out of Russia, according to Yaneza. David Perry, global director of education at Trend Micro, says it could be out of China or the U.S., but there is no evidence of either. So it could be either hacktivists or industrial espionage. Yaneza says attackers stole Word files and spreadsheets, not financial information. “A lot of the targets seemed to be government-based,” he says.

My tuppennies’ worth? Seems unlikely to be hacktivists, at least the type we think of. This was a concerted campaign, specifically aimed to get certain documents. Much more likely to be either industrial espionage or pure espionage. Which means we might have reached the stage where groups of hackers are conducting these attacks because a market exists for the product retrieved. Or had we already gotten there, and just not known it?

Either way, Russia and its former allies are now in the crosshairs.

More reading:

Massive malware attacks uncovered in former USSR | thinq_

Cyberspy attacks targeting Russians traced back to UK and US • The Register

Skype Cuts Some Rates

Skype has lowered rates of its SkypeOut service to some destinations as part of its first anniversary celebrations. Here are the details:

Six major new countries have been added to the SkypeOut Global Rate, a fixed, low-cost rate of 1.7 Euro cents per minute to popular calling destinations. China, Greece, Taiwan, Hong Kong, Poland and Switzerland have joined more than 20 additional destinations in the Global Rate. Skype has also significantly lowered SkypeOut rates for calling numbers in Armenia, Bangladesh, Belarus, Bulgaria, the Cook Islands, Croatia, the Czech Republic, Denmark, the Dominican Republic, Estonia, Finland, Germany, Hungary, Iceland, India, Indonesia, Ireland, Korea, Lebanon, Luxembourg, Malaysia, Mexico, the Netherlands, Poland (mobile), Portugal, Russia, Slovakia, South Africa, Spain, Sri Lanka and Turkey.

I’m not quite clear from the press release, but it sounds as if this is an average reduction of 15%.

It’s not all good news: Prices for SkypeOut calls to Saudi Arabia, Papua New Guinea, Oman, Liechtenstein and Haiti numbers will increase slightly.

Another Popup Blocker, But This Time From Minsk

Here’s a new version of another program designed to block popup ads, but which also performs the (admittedly increasingly common) trick of opening multiple browser windows at once. It’s called AdsCleaner.

I haven’t tried it, but I do like the honest PR release, just out, so I am going to quote: “New version features optimized process of ads blocking that has greatly influenced the operating speed. In opinion of AdsCleaner users, deceleration during the process of ad blocking was, perhaps, the main inconvenience peculiar to the early versions of the application. Now this inconvenience is eliminated.” I wish other companies were so honest.

AdsCleaner 2.0 costs $20. It is developed by SoftInform, which sounds like a computer division of the KGB. Which turns out not to be too far from the truth: As with a lot of these smaller software companies, it’s dang hard to find out where they’re based, which is a shame, because there’s nothing wrong with coming from places like Minsk in Belarus. Which is where I think SoftInform comes from.