Kaspersky, an organization that exposes and thwarts plenty of nation-state attacks was targeted by the Duqu hacker group.
The attack was mainly aimed to access and steal the gathered intelligence on nation-state attacks from its servers and to know how Kaspersky’s detection algorithms and software work.
The attack was implanted in six modules and an algorithm that was shared along with plenty of similar coding to hide the malware in plain sight.
Source: https://www.lifars.com/2015/06/kaspersky-spots-hackers-within-its-own-network/
TPRM report: https://scoringcyber.rankiteo.com/company/kaspersky
"id": "kas101522",
"linkid": "kaspersky",
"type": "Cyber Attack",
"date": "11/2015",
"severity": "100",
"impact": "9",
"explanation": "Attack that could bring to a war"{'affected_entities': [{'industry': 'Cybersecurity',
'name': 'Kaspersky',
'type': 'Organization'}],
'attack_vector': 'Malware',
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Intelligence on nation-state '
'attacks',
'Detection algorithms and '
'software']},
'description': 'Kaspersky, an organization that exposes and thwarts plenty of '
'nation-state attacks, was targeted by the Duqu hacker group. '
'The attack was mainly aimed to access and steal the gathered '
'intelligence on nation-state attacks from its servers and to '
'know how Kaspersky’s detection algorithms and software work. '
'The attack was implanted in six modules and an algorithm that '
'was shared along with plenty of similar coding to hide the '
'malware in plain sight.',
'impact': {'data_compromised': ['Intelligence on nation-state attacks',
'Detection algorithms and software']},
'initial_access_broker': {'high_value_targets': True},
'motivation': ['Espionage', 'Intelligence Gathering'],
'threat_actor': 'Duqu Hacker Group',
'title': 'Kaspersky Targeted by Duqu Hacker Group',
'type': 'Data Breach'}