To avoid detection and cause maximum damage, hackers are constantly enhancing their tools, and the Project Sauron malware sets a new high.

Project Sauron is an enigmatic piece of software: no one has been able to identify who designed it, which underlines its sophistication. However, it’s such a complex piece of coding that researchers believe it must have originated from a top-level organization.

The malware has been discovered on computers in locations such as Iran, Russia and China, so there are murmurings of US government involvement, which wouldn’t be the first time. At present, however, the true creator is unknown.

Malware is ever evolving, though, and there’s no saying that Project Sauron won’t be retargeted at the US in the future, so let’s take a look at exactly what it does.

What is Project Sauron?

Referred to in the trade as an Advanced Persistent Threat, Project Sauron is an intricate piece of malware with a keen emphasis on espionage. It is so clever at disguising itself as an array of standard Microsoft files that it has gone undetected for up to five years.

Project Sauron is particularly sophisticated and effective as it utilizes the following features:

  • Targets the PC’s memory without infecting the hard drive, which aids its concealment
  • Unknown operating system functions help to facilitate persistent attack techniques
  • Project Sauron can spread through networks by exploiting legitimate software distribution channels

It’s these novel approaches to hacking that have allowed Project Sauron to infiltrate multiple government organizations around the world, but what exactly does it do?

Project Sauron’s Hidden Threat

Project Sauron is packed full of technical threats and carries these out on a maximum stealth setting. In particular, the malware focuses on the following areas:

  • Through the use of a back door exploit, Project Sauron allows the hackers to spy on password filter systems to harvest network passwords and gain widespread access
  • Once the infection has taken hold, Project Sauron can steal files and transmit them back to the source of the malware
  • Project Sauron can steal encryption keys to help ensure that a network is compromised to its maximum level
  • In extreme cases, Project Sauron can infect USB drives to help facilitate the infection of ‘air-gapped’ computers which are not connected to the network

Due to its ambitious nature and complex build, Project Sauron has been able to operate stealthily in the background for several years; it’s this long-term nature of the attack which is particularly troubling, as it means that huge swathes of data have been compromised in this time.
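On Windows, the password filter mechanism mentioned in the list above is configured through the LSA "Notification Packages" registry value, and every DLL named there receives passwords in cleartext when they are set or changed. The following audit is an added example, not code from the original article or from any vendor report; the `$expected` allowlist is an assumption to adapt per host, and a flagged entry is a prompt for review rather than proof of compromise.

```powershell
# Added example: audit the DLLs registered as LSA password filters.
# Run from an elevated prompt on the machine being checked.
$lsaKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$packages = (Get-ItemProperty -Path $lsaKey -Name 'Notification Packages').'Notification Packages'

# Assumption: filter names expected on this host. 'scecli' is the Windows
# default; add any filter your organization deployed deliberately.
$expected = @('scecli')

$report = foreach ($name in $packages) {
    if ([string]::IsNullOrWhiteSpace($name)) { continue }

    # Entries are stored without an extension and loaded from System32.
    $path = Join-Path $env:SystemRoot "System32\$name.dll"

    if (-not (Test-Path -LiteralPath $path)) {
        # A registered filter with no file on disk still deserves a look.
        [pscustomobject]@{
            Name = $name; Expected = ($expected -contains $name)
            SignatureStatus = 'FileMissing'; Signer = $null
            LastWriteTime = $null; Path = $path
        }
        continue
    }

    $sig  = Get-AuthenticodeSignature -LiteralPath $path
    $file = Get-Item -LiteralPath $path

    [pscustomobject]@{
        Name            = $name
        Expected        = ($expected -contains $name)
        SignatureStatus = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
        Signer          = $sig.SignerCertificate.Subject   # $null when unsigned
        LastWriteTime   = $file.LastWriteTime
        Path            = $path
    }
}

# Full inventory, then only the entries that need a human to review them:
# names outside the allowlist, or files without a valid signature.
$report | Format-Table -AutoSize
$report | Where-Object { -not $_.Expected -or $_.SignatureStatus -ne 'Valid' } |
    Format-List
```

A Microsoft-sounding file name proves nothing on its own, which is why the check compares each entry against an allowlist and the signer instead of trusting the name.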

Final Thoughts

Project Sauron sure is an advanced threat and one that even the experts are struggling to deal with. As ever, though, the best way to protect your business from malware attacks such as Project Sauron is to practice caution when dealing with data coming into your network.

However, when you consider the possible perpetrators behind Project Sauron, you do begin to wonder just how secure your data can be. By paying attention to the basics of good cyber security, though, you’re providing yourself with the best level of defense to protect your business.

For more ways to secure and optimize your business technology, contact your local IT professionals.