Free Republic

Earlier this spring, the cybersecurity firm Kaspersky was testing an advanced antivirus software on one of its computers when it stumbled on something big: As the Moscow-based company puts it, it was "one of the most skilled, mysterious and powerful" spy viruses in the world. The piece of software was so sophisticated that it left few traces. It didn't leave files on the disk drive, and to stay hidden, it burrowed inside a computer's kernel memory, which is the place where a computer's most basic software is kept.Kaspersky says it assigned a team to watch its movements, and the team...

The super-sophisticated malware that infiltrated Kaspersky Labs is more crafty than first imagined. We're told that the Duqu 2.0 software nasty was signed using legit digital certificates issued to Foxconn – a world-leading Chinese electronics manufacturer, whose customers include Microsoft, Dell, Google, BlackBerry, Amazon, Apple, and Sony. The code-signing was uncovered by researchers at Kaspersky Lab, who are studying their Duqu 2.0 infection. Windows trusts Foxconn-signed code because the Chinese goliath's certificate was issued by VeriSign, which is a trusted certificate root. Thus, the operating system will happily load and run the Foxconn-signed Duqu 2.0's 64-bit kernel-level driver without setting...

Cybersecurity firm Kaspersky Lab announced that it has detected an intrusion into its own systems, and you'll never believe who the company thinks is behind it. CEO Eugene Kaspersky claims a nation-state hacked into his company's network in order to steal information about its technologies. The unidentified hackers exploited security flaws in Microsoft Software Installer files to infect Kaspersky's network with malware. Kaspersky is referring to the malware as "Duqu 2.0", because it appears to be tied to the same cybercriminals that used Duqu malware to attack Iran, India, France and Ukraine a few years ago. Back then, the hackers...