The Red October RAT (Remote Access Tool) which has been extensively analyzed by Kaspersky appears to have continued its development. The Finnish Foreign Ministry has disclosed that they were the victims of a penetration attack going on over four years. The tool used in the attack was specifically described as “not Red October”, however there were similarities. The research and analysis of the attack is ongoing, but it appears to have first been detected earlier this year. The attack targeted data traffic between the Ministry and the EU, and the Finns have rather nebulously said that they believe “China or Russia” is the originating actor.
MIIS CySec Newsfeed