Equation
STATUS:
Active
TYPE:
Complex cyberattack platform
DISCOVERY:
2014
TARGETED PLATFORMS:
Windows
FIRST KNOWN SAMPLE:
2002
NUMBER OF TARGETS:
500-1,000
TOP TARGETED COUNTRIES:
Iran, Russia, Pakistan, Afghanistan, India, China, Syria, Mali, Lebanon, Yemen
THE WAY
OF PROPAGATION
USB drives
Exploits
Self-replication
Physical media, CD-ROMs
PURPOSE/
FUNCTIONS
Cyberespionage
Data theft
Surveillance
SPECIAL
FEATURES
The ability to infect the hard drive firmware
The use of “interdiction” technique to infect victims
Mimicking to criminal malware
TARGETS
Nanotechnology
Financial institutions
Nuclear industry
Activists
Academia/Research
Government entities
Energy, oil and gas companies
Military
Telecoms
Diplomatic organizations/embassies
Trade and commerce
Aerospace
Mass media and TV
High technology companies
Education
Transportation
ARTEFACTS/
ATTRIBUTION
All artifacts are in English, with few Latin words, such as "LUTEUS" and "OBSTOS"
MORE INFO
The blog post and research paper are available at
Securelist.com
