REUTERS/KACPER PEMPEL/FILE PHOTO
“Observed victims to date include law firms, banks, and strategic consultancies in countries such as Austria, the United Kingdom, and Panama,” the post said, without identifying the victims. The term comes from the amount of warning users get to patch their machines protectively; a two-day flaw is less dangerous because it emerges two days after a patch is available.
According to a copy of an internal presentation published last year by German news website Netzpolitik, DSIRF advertises Subzero as a “next generation cyber warfare” tool which can take full control of a target’s PC, steal passwords, and reveal its location.