The Mask – A Spanish Cyber Threat
This post is also available in: 
עברית (Hebrew)
Meet Careto, “mask”, a relatively new cyber threat. Careto already infiltrated various governmental organizations and energy companies worldwide.
The Kaspersky Lab experts who revealed Careto’s existence said that its main purpose is to collect sensitive information from its victims – governmental organizations, embassies, diplomatic missions and research organizatons. This very wide-scale threat is also highly sophisticated.
So far Kaspersky experts ran across more than 380 Careto victims all over the world: Argentina, Europe, Arab and Muslim states and various African countries. Israel, however, is not among the countries hit.
iHLS – Israel Homeland Security
According to experts the attackers are Spanish speakers. According to the evidence Careto is a state-backed espionage program, experts added, conducted with unusually high levels of professionalism: Infrastructure management, shutdown of operation, avoiding curious eyes through access rules and using wiping instead of deletion of log files. An infection with Careto can be disastrous, as it intercepts all communication channels and collects the most vital information from the victim’s machine. Detection is extremely difficult because of stealth rootkit capabilities, built-in functionality and additional espionage modules.
According to the findings the attackers used unique tools, including abusing network vulnerabilities and utilizing advanced malicious code. Careto used methods of targeted attack even against Kaspersky Lab products.
