June 10, 2015 © Kaspersky Lab

Kaspersky Lab investigates hacker attack on its own network

The bad news

The bad news is that we discovered an advanced attack on our own internal networks. It was complex and stealthy, it exploited several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it. We’ve called it Duqu 2.0. Why Duqu 2.0, and what does it have in common with the original Duqu?

The good news – pt. 1: We uncovered it

The first bit of good news is that we found something really big here. Indeed, the cost of developing and maintaining such a malicious framework is colossal. The thinking behind it is a generation ahead of anything we’d seen earlier – it uses a number of tricks that make it really difficult to detect and neutralize. It looks like the people behind Duqu 2.0 were fully confident it would be impossible to have their clandestine activity exposed; however, we did manage to detect it – with the alpha version of our Anti-APT solution, designed to tackle even the most sophisticated targeted attacks.