The Mask: Scary New Face of Internet Intrusion
Ultra-sophisticated attack tool might have originated from a state-sponsored intelligence service.
Kaspersky Labs has announced the discovery of an advanced cyber-espionage tool. The tool, which is known as Careto or "The Mask," appears to have been created by a Spanish-speaking native. Experts believe Careto was developed to attack targets such as diplomatic institutions, government agencies, oil and gas companies, research organizations, and activist groups. The sophistication of the tool, and the pattern of victims discovered so far, has led some experts to speculate that Careto was developed by a state-sponsored spy agency. So far, researchers have identified victims in 31 countries.
Versions of Careto exist for Windows, Mac OS, and Linux systems. According to reports, the attacker sends a link through email that appears to come from a reputable source. When the victim clicks on the link, the target system is scanned for vulnerabilities, and Careto burrows in. The tool has a modular architecture, which means the attacker can upload new components to tailor the attack once Careto has infiltrated the network.
According to Kaspersky, "For the victims, an infection with Careto can be disastrous. Careto intercepts all communication channels and collects the most vital information from the victim's machine. Detection is extremely difficult because of stealth rootkit capabilities, built-in functionalities, and additional cyber-espionage modules."
Early versions of Careto date to 2007, and the tool was active until January of this year. Kaspersky says its investigation has caused the attacker's command and control servers for Careto to shut down in order to avoid discovery.
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Gnome 48 Debuts New Audio Player
To date, the audio player found within the Gnome desktop has been meh at best, but with the upcoming release that all changes.
-
Plasma 6.3 Ready for Public Beta Testing
Plasma 6.3 will ship with KDE Gear 24.12.1 and KDE Frameworks 6.10, along with some new and exciting features.
-
Budgie 10.10 Scheduled for Q1 2025 with a Surprising Desktop Update
If Budgie is your desktop environment of choice, 2025 is going to be a great year for you.
-
Firefox 134 Offers Improvements for Linux Version
Fans of Linux and Firefox rejoice, as there's a new version available that includes some handy updates.
-
Serpent OS Arrives with a New Alpha Release
After months of silence, Ikey Doherty has released a new alpha for his Serpent OS.
-
HashiCorp Cofounder Unveils Ghostty, a Linux Terminal App
Ghostty is a new Linux terminal app that's fast, feature-rich, and offers a platform-native GUI while remaining cross-platform.
-
Fedora Asahi Remix 41 Available for Apple Silicon
If you have an Apple Silicon Mac and you're hoping to install Fedora, you're in luck because the latest release supports the M1 and M2 chips.
-
Systemd Fixes Bug While Facing New Challenger in GNU Shepherd
The systemd developers have fixed a really nasty bug amid the release of the new GNU Shepherd init system.
-
AlmaLinux 10.0 Beta Released
The AlmaLinux OS Foundation has announced the availability of AlmaLinux 10.0 Beta ("Purple Lion") for all supported devices with significant changes.
-
Gnome 47.2 Now Available
Gnome 47.2 is now available for general use but don't expect much in the way of newness, as this is all about improvements and bug fixes.