
Russian Uroburos Malware Devours American Files

The Ouroboros of classical antiquity was a serpent locked in a perpetual cycle devouring its own tail. Taking a page out of the old wyrm's book, the Uroburos malware seeks to engulf whole networks, possibly as part of a Russian espionage plot against the United States.

Although Uroburos seems to have been around since 2011, researchers at the German security firm G Data discovered it only recently. In a blog post, G Data describes the Uroburos rootkit, which burrows deep into a Windows operating system, steals files and transmits them back to its overseers.

What makes Uroburos interesting is that it appears to be built to target high-security installations. The malware requires an Internet connection to transmit data, but not to spread. As long as computers are connected via a network, Uroburos can replicate itself and funnel files back to an Internet-connected system for transmission.

One slight consolation is that everyday users probably need not worry about Uroburos. Because of its complexity, its designers probably want it to target government and corporate installations rather than individual users. On the flip side, the malware is extremely difficult to detect and researchers are still not certain about how it spreads.

G Data asserts that the advanced rootkit is very similar to another one called Agent.BTZ that made the rounds against the U.S. government in 2008. Combined with a Russian-language piece of Uroburos code, these similarities suggest that the creators of the malware are either Russian, or wish to pin the blame on Russians.

Because of its complexity, it's not possible to detect or eradicate Uroburos through conventional means. Average users need not worry, but big corporations or government centers might want to monitor their network transmissions very closely for any irregularities. Formatting a system is inconvenient, but it's preferable to shady cybercriminals getting their hands on your sensitive data.

Follow Marshall Honorof @marshallhonorof and on Google+. Follow us @tomsguide, on Facebook and on Google+.

  • ethanolson
    Normal users need not worry... twice in that article. What's the author gonna say next, North Korea has enough food? These aren't the droids you're looking for.
  • Marshall Honorof
    @ethanolson - War is peace. Freedom is slavery. Ignorance is strength. In all seriousness, guess I did not catch that I used the phrase twice. Ah well. What can you do?
  • dalethepcman
    my friend's sister-in-law makes $67 /hour on the laptop... last month her pay check was $18954....
    The bots don't even bother to do math anymore.. to make $18954 at $67/hour after taxes your sister in law would have had to work 382 hours last month. Sounds like a horrible job...