Kaspersky said the collective, dubbed "The Equation Group", "surpasses anything known in complexity and sophistication" and has been active for nearly 20 years. PHOTO: AFP
Kaspersky said the collective, dubbed "The Equation Group", "surpasses anything known in complexity and sophistication" and has been active for nearly 20 years.
Kaspersky revealed on Monday a wave of cyberattacks that have cost banks around the globe up to $1 billion (870 million euros) since 2013.
About 100 banks -- mainly in Russia but also in the United States, Germany, China and Ukraine -- have been targeted in the large-scale theft.
The hackers are "unique almost in every aspect of their activities" and single out victims with "surgical precision," the company said in a statement.
Kaspersky said the group uses "classic spying techniques to deliver malicious payloads to the victims" among which is a first-known type of malware that is capable of infecting hard drives.
Some of the countries hardest hit by the hacking ring are Iran, Russia, Pakistan, Afghanistan, India, China, Syria and Mali.
Attacks target government institutions and strategic industries like energy, aerospace, nuclear and as well as religious activists, Kaspersky said.
Not bound to just the web, Equation also operates in the physical world, once targeting a US scientific conference by handing out CDs which carried a virus.
Though the identity of the hackers is unknown, Kaspersky has linked them to other groups, notably the authors of the Stuxnet and Flame viruses, with whom Equation interacted "from a position of superiority."
Stuxnet is a computer worm discovered in 2010 that was used in attacks, which Tehran blamed on the United States, against networks associated with Iran's nuclear programme.
"The Equation Group is probably one of the most sophisticated cyber attack groups in the world and they are the most advanced threat actor we have seen," the report said.
COMMENTS (2)
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ