International antivirus company ESET has researched the platform Attor that at least since 2013, spying on the Russians and people of Eastern Europe. Observations the company has shared on its website.
It is noted that the Attor victims were users from Russia, Ukraine, Slovakia, Lithuania and Turkey. Among them diplomats and government officials.
Attor consists of a Manager and plugins that are downloaded to the compromised device in the form of encrypted DLL files. For communication with the command server, use the Tor program.
Attor analyzes the activity of the victim’s browser, messenger, email applications, services IP telephony, and social networks “Schoolmates” and “Vkontakte”. The program is able to take snapshots of the screens to intercept the typed text and clipboard contents, and record audio. In addition, the plugin collects data about the connected modems, phones, and file storage.
More than just creators Attor interested in digital prints connected to the computer through the serial port of the GSM devices, say in ESET. Digital fingerprints can then be used for data theft. Knowing the type of the connected device, criminals can collect personal plugin that will allow you to steal data and make changes.
Late for a flight passenger ransacked