Uroburos: Russians Behind Cyberattacks on Organizations and Countries?

March 3, 2014 Updated: July 18, 2015

The so-called Uroburos malware has been traced to Russian hackers, a security firm said.

The malware infects a machine and is then able to take control of it.

G-Data, the security firm, said in its report that the malware “is extremely complex and is designed to be very discreet and very difficult to identify.”

The technical complexity suggests connections to intelligence agencies, because developing such a tool would take a huge investment, G-Data said. The development team “obviously comprises highly skilled computer experts,” and the firm believes that the team is working on even more advanced variants.

G-Data also found that the group behind Uroburos is the same group that initiated a cyberattack against the United States in 2008 with a malware known as Agent.BTZ.

Uroburos checks for the presence of Agent.BTZ and remains inactive if it is installed.

It also appears that the authors of Uroburos speak Russian.

Because of its complexity, G-Data believes that the malware was designed to go after high-profile targets dealing with sensitive information, such as government institutions, research institutions, and companies.

G-Data says that anyone infected by Uroburos can email intelligence@gdata.de to receive help.

 

Follow Zachary on Twitter: @zackstieber