Dubbed "The Mask," the campaign had operated undetected since 2007 and infected more than 380 targets before it stopped last week, on Monday. Kaspersky declined to identify the government suspected to be behind the cyber spying, but said it had been most active in Morocco, followed by Brazil, the United Kingdom, France and Spain. The most sophisticated cyber spying operations uncovered so far have been linked to the United States, China, Russia and Israel, but this one is super-advanced.
Kaspersky Lab said the discovery of The Mask suggests that more countries have become adept in Internet spying. The firm's researchers only came across the operation because it infected Kaspersky's own software. The Mask hit government institutions, oil and gas companies and activists, using malware that was designed to steal documents, encryption keys and other sensitive files, as well as take full control of infected computers. It worked on Windows and Apple’s software, and likely mobile devices running Apple's iOS and Google Android software, according to Kaspersky Lab.
The Mask hackers took advantage of a known flaw in Adobe Systems ubiquitous Flash software that permitted attackers to get from Google's Chrome web browser into the rest of a target's computer, Raiu said. Adobe fixed the flaw in 2012, he said.