New malware is tearing up the internet - probably created by NSA

My humble review

New? What EXACTLY is new about these facts:
1. "compromising computers and collecting a wealth about them" - typical trojan
2. "It sends out emails designed to look as though they were sent legitimately from [source]" - typical phishing attack/scam witjh a payload that in general creates a session with the machine to be exploited and then post-exploits them
3. "It works against Windows, OS X and Linux systems, and there may be iOS and Android" vulnerabilities, shellcode, 0day, buffer overflow have been found on all these, there are thousands of these exploits, searchable under the open-source software on Linux called searchsploit
4. "Once infected, a computer surrenders pretty much any info the malware wants. It can collect "network traffic, keystrokes, Skype conversations, analyze Wi-Fi traffic, PGP keys, fetch all information from Nokia devices, screen captures and monitor all file operations." OH WOW. Again, Metasploit 101, Metasploit being a penetration testing framework. What you can do in the post-exploit part is scary indeed, though. You can spy on someone from his webcam and listen to him/her from their integrated microphone for example.

All of this is not news. It is something of an issue to most computer users and has been warned about for ages, but is still going on..... Indeed, the NSA types, I suppose, do work with the professional versions of the mentioned tools or pay some company to develop some tools for mass spying.

Anyone who does not understand the risks involved in clicking on links in unsolicited emails, in my opinion, deserves to have their computers infected. With one exception possibly being the elderly.

These scam viruses almost always require an action on the user's part to be installed.

If people would just allow common sense to rule in these situations then these viruses would never get off the ground.

Who was targeted?

From Kaspersky report:
"Spain, France and Morocco are the only countries appearing in the top 5 in all cases.
The main targets of Careto fall into the following categories:
Government institutions
Diplomatic / embassies
Energy, oil and gas companies
Research
Private equity firma
Activists"

It is a quite an interesting analysis Kaspersky's lab has done. Apparently not too many people got hit. At least they only found about a 1000 or so victims worldwide.

The code leaves the impression that the architects were Spanish speaking but they add: "We should also not exclude the possibility of a false flag operation, where the attackers intentionally planted Spanish words in order to confuse analysis."

And
"For Careto, we observed a very high degree of professionalism in the operational procedures of the group behind this attack, including monitoring of their infrastructure, shutdown of the operation, avoiding curious eyes through access rules, using wiping instead of deletion for log files and so on. This is not very common in APT operations,
putting the Mask into the “elite” APT groups section. The attacks rely on a combination of social engineering, for instance impersonating
websites from The Guardian and Washington Post. These are coupled with at least one exploit that according to media report has been sold to governments as a 0-day by French company VUPEN.
The targeting of Linux and Mac users by the attackers indicates another important trend in the world of APTs. We previously observed this and described it with Icefog; we can now say with a good degree of confidence that high end APT actors are now expanding their toolkits to include Linux and Mac “support”. Also, there is evidence
the attackers may have deployed Android and iOS backdoors as well. Unfortunately, we could not locate these samples yet nor do we know how they were implanted, especially considering iOS’ security model."