Security researchers have claimed that the Agent.btz malware, which was originally discovered back in 2008, is still circulating and has managed to infect thousands of systems across Europe.
The malware, designed to target old Microsoft operating systems including Windows XP, Windows ME, and Windows Server 2003, infected US military computers back in 2008 and was dubbed the worst breach at the time. Cyber experts took over 14 months to disinfect affected systems.
“It started when a USB flash drive infected by a foreign intelligence agency was left in the parking lot of a Department of Defense facility at a base in the Middle East,” notes Aleks Gostev, Chief security expert at Kaspersky Lab, in a blog post. “It contained malicious code and was put into a USB port from a laptop computer that was attached to United States Central Command.”
Gostev notes that they can’t be sure of the accuracy of the account of the USB stick left in the parking lot, but the important thing is that the Agent.btz malware is a self-replicating worm rather than just a Trojan. Once installed, Agent.btz sets up a backdoor on the victim’s computer, enabling hackers to gain remote access to the system and steal sensitive data.
According to Gostev, the Agent.btz malware has, over the past three years, infected at least 1,219 UK systems, 17,305 in Spain, 9,679 in Italy and 6,632 in Germany. Russia is believed to be the worst-hit country, with well over 39,000 infections to date.
The continued infection of new systems, particularly as the Windows XP April 8 deadline approaches, is worrying because those still on Windows XP and older operating systems will be vulnerable to such dangerous malware.
Gostev goes on to claim that Agent.btz is more advanced than previously thought and has links with similar malware such as Flame, Red October and Turla. “Both Red October and Agent.btz were, in all probability, created by Russian-speaking malware writers. One program ‘knew’ about the files created by the other and tried to make use of them.”