Red October Malware

One thing I don’t miss in making the change from PCs to Macs is virus removals and troubleshooting. Virus removals were one of the most common tasks I had to perform at Staples, and one of the most expensive. I grew to hate them.

I’ve been here for a few months and I’ve yet see a case of a digital viral infection. I was surprised enough that I ended up asking my colleagues how common it is for Apple computers to be infected with a virus. The response I got was “extremely uncommon.” It sounded like you had to go looking for one to actually find one.

Computer viruses are constantly evolving and causing havoc. One piece of malware that does seem to get around is the kind that steals informations and sends it to an anonymous location for someone to rifle through later. Some of you keeping up on current events may have seen mention of a piece of malware called Red October, named after the book, The Hunt for Red October.

This lovely piece of malware (sneaky software that gets into a computer and infects it with a virus) seems to be written by several different groups of hackers and governments all from different projects. This large base of contributors makes its place of origin unknown as well as who is controlling it. This software gets into a computer primarily through email, and drops the payload which installs three pieces of software — the communication package, the intelligence gathering package, and the guaranteed backdoor.

This little piece of bad software is designed to get into diplomatic and governmental systems and siphon information off with as little notice as possible. If it is noticed and removed, it has guaranteed its continued existence by installing a little add-on to either the Microsoft Word and Excel installed programs or Adobe’s Flash program. When the primary malware file is removed, these add-ons will actually reinstall the primary file for continued information siphoning.

Red October has infected computers in 39 countries with no clear target. The manufacturer of the file is unclear because of its mish-mashed coding that is partly custom and partly that of many other different malware files all designed to do something different. Yet, it works so well together that it was only recently discovered and has been suspected to have been around since mid-2007. That would make it a six-year digital intelligence gathering operation that has stolen unknown amounts of data over the years and sent it off to unknown destinations.

Editor’s Note – I am no conspiracy nut, but this kind of stuff is certainly fodder for stories of hidden shadowy power groups looking to secretly take over the world. -Liam