Grayfish, Lamberts, Equation, SOCOM, Gollum, Cahnadr, NeedleWatch are all names that could come directly from a Jason Bourne movie. In reality it’s all linked to a U.S.-led counterterrorism cyber-espionage operation that targeted ISIS and al-Qaeda members. Kaspersky were smart enough not to mention the country but in practice they effectively stopped a 5-year spying campaign targeting ISIS and Al-Qaeda.
How? By creating malware infecting computers at internet cafés but also Mikrotik branded routers that are popular in that part of the world. They captured the camera and keystrokes from computers and siphoned large amounts of data off routers as well. Countries targeted: Sudan, Lib.ya, Congo, Turkey, Jordan, Iraq, Yemen, Afghanistan, Somalia, Kenya, Tanzania
Did Kaspesky expose a sensitive U.S. counterterrorism initiative or did they just stop attacks aimed at their customers?