The software, dubbed Careto, is a sophisticated suite of tools for compromising computers and collecting a wealth of information from them. Whoever is behind the malware sends out “spear phishing” e-mails, with addresses designed to be mistaken for the Web sites of mainstream newspapers, such as The Washington Post or the Guardian. If the user clicks on a link, it takes her to a Web site that scans her system for vulnerabilities and attempts to infect it. There are multiple versions of the malicious software designed to attack Windows, Mac OS X and Linux versions, and Kapersky believes there may be versions that attack iOS and Android.

Once Careto has compromised a system, it begins collecting sensitive information from it. The software can “intercept network traffic, keystrokes, Skype conversations, analyse WiFi traffic, PGP keys, fetch all information from Nokia devices, screen captures and monitor all file operations.”

It can also capture any encryption keys found on the machine, which can help launch attacks against other machines.