It looks like the Red October cyber-espionage malware is back.
Two years ago, Kaspersky Lab published research into Red October, a complex cyber-espionage operation targeting diplomatic embassies worldwide, in January 2013.
The Red October operation was promptly shut down and the network of C&Cs was dismantled.
However, Kaspersky Lab has reason to believe that RedOctober is back, in disguise as Cloud Atlas.
According to Kaspersky Labs’ Global Research & Analysis Team, what usually happens with these big operations is that considering the huge investment and number of resources behind it, they don’t just “go away” forever. Rather, the group goes underground for a few months, redesigns the tools and the malware and resumes operations.
