A hacker group known as 'Strider' has been in stealth mode for five years, as they carried out cyber-espionage attacks against select targets across the globe.

Using Remsec, an advanced piece of malware, these online pirates have been spying on 30 organizations in Russia, China, Belgium, Iran and Sweden since 2011.

The attackers gained complete control over the infected machines, which allowed them to access classified data using a sophisticated code that references Sauron - the all-seeing title character in 'The Lord of the Rings'.

Scroll down for video

A hacker group known as 'Strider' has been in stealth mode for 5 years, as they carried out attacks against select targets across the globe. Using Remsec, an advanced piece of hidden malware, these online pirates have been spying on 30 organizations since 2011

WHO IS 'PROJECTSAURON'? A hacker group known as 'Strider' has been in stealth for five years, as it carried out cyber-espionage attacks against select targets across the globe. In the hidden malware, experts found references to 'Sauron' the all-seeing title character in The Lord of the Rings, which earn them the name 'ProjectSauron'. Using Remsec, an advanced piece of hidden malware, these online pirates have been spying on organizations in Russia, China, Belgium, Iran and Sweden since 2011. Remsec shares certain unusual coding similarities with another older piece of nation state-grade malware known as Flamer, or Flame. The malware used in these secretive attacks focuses on intelligence-gathering, which functions as a framework allowing ProjectSuaron to infect and control computers, move across networks and exfiltrate data. Advertisement

A new report detailing the malware has been released to the public by Kaspersky Lab, a security firm based in Moscow, Russia.

Although the hackers have been tracking government networks since 2011, it wasn't until 2015 was the malware detected.

Kaspersky has dubbed this unknown group 'ProjectSauron' in their detailed report, after the reference to the J. R. R. Tolkien character was found in the hidden malware.

'The threat actor behind ProjectSauron commands a top-of-the-top modular cyber-espionage platform in terms of technical sophistication, designed to enable long-term campaigns through stealthy survival mechanisms coupled with multiple exfiltration methods, reads the report titled 'The ProjectSauron APT'.

'Technical details show how attackers learned from other extremely advanced actors in order to avoid repeating their mistakes.

'As such, all artifacts are customized per given target, reducing their value as indicators of compromise for any other victim.'

The malware used in these secretive attacks focuses on intelligence-gathering.

These strings of code were designed to function as framework that allowed ProjectSauron to infect and control computers, move across networks, exfiltrate data and release other custom modules into the systems, reports Symantec, a California-based firm that is a leading producer of software security.

'Remsec contains a number of stealth features that help it to avoid detection. Several of its components are in the form of executable blobs (Binary Large Objects), which are more difficult for traditional antivirus software to detect,' shared Symantec researchers in a blog post.

The attackers obtained complete control over infected machines, allowing them to access files and other data using a sophisticated code that references to Sauron - the all-seeing title character in 'The Lord of the Rings'

'In addition to this, much of the malware's functionality is deployed over the network, meaning it resides only in a computer's memory and is never stored on disk.'

CAN CYBERTHIEVES HACK OUR BRAINS? Experts at the University of Washington reveal hackers are inserting images into dodgy apps and recording our brain's unintentional reaction using brain-computer interfaces. For example, when playing a video game users may see logos of familiar brands pop-up on the screen that just vanish. Hackers put those images in the game and they were recording your 'brain's unintentional response to them' using a BCI, which can be a wearable that monitors stress levels or a cap covered in electrodes. This technology could one day be used by advertisers to gather more information about their customers. Also, police officers and government officials could use this method to convict criminals or as a 'remote lie detector test'. Source: Motherboard Advertisement

The newly discovered group's targets include four organizations and individuals located in Russia, an airline in China, an organization in Sweden and an embassy in Belgium, Symantec said.

Kaspersky has dubbed this unknown group 'ProjectSauron' in their detailed report, after the reference to the J. R. R. Tolkien character

Kaspersky said it had found 30 organizations hit so far in Russia, Iran and Rwanda, and possibly additional victims in Italian-speaking countries.

Remsec targets included government agencies, scientific research centers, military entities, telecoms providers and financial institutions, Kaspersky said.

'Based on the espionage capabilities of its malware and the nature of its known targets, it is possible that the group is a nation state-level attacker,' Symantec said, but it did not speculate about which government might be behind the software.

Despite headlines that suggest an endless stream of new types of cyber-spying attacks, Orla Fox, Symantec's director of security response said the discovery of a new class of spyware like Remsec is a relatively rare event, with the industry uncovering no more than one or two such campaigns per year.

SECURITY FLAW IN 900 MILLION ANDROID DEVICES COULD LET HACKERS RUN WILD Owners of Android phones have been warned of a serious security flaw that could give attackers complete access to a phone's data. The problem has been identified in software used in about 900 million Android phones, including the HTC One, and Sony Xperia Z Ultra. While there is currently no evidence of the flaws being used by hackers, experts say it is a race as to who finds the bug first. The glitch was found by researchers from Checkpoint, who posted about it in a blog. The problem appears to affect phones which run on Qualcomm processors, which the blog estimates to be around 900 million devices. Checkpoint discovered the problem after spending six months reversing Qualcomm's code. They found that the problem lay in the software that handles graphics, and in the code that controls communication within the phone. While the patches – fixes for the bug – have been distributed to the phone makers, it is still unclear how many of those companies have sent the update to their customers. In the meantime, Checkpoint has created an app called 'QuadRooter Scanner', that allows users to check if their phone is vulnerable to the bug. Advertisement

Kaspersky said it had found 30 organizations hit so far in Russia, Iran, China, Belgium and Rwanda, and possibly additional victims in Italian-speaking countries

Remsec shares certain unusual coding similarities with another older piece of nation state-grade malware known as Flamer, or Flame, according to Symantec.

Kaspersky agreed that this unknown group appears to have adopted the tools and techniques of other better-known spyware, but said it does not believe that ProjectSauron and Flame are directly connected.

As of yet, neither Kaspersky, Symantec or any other organization have stepped forward to reveal these dark villains, but Kaspersky does voice concerns about attributing blame.

'Even with confidence in various indicators and apparent attacker mistakes, there is a greater likelihood that these can all be smoke and mirrors created by an attacker with a greater vantage point and vast resources,' Kaspersky shared in their report.

'When dealing with the most advanced threat actors, as is the case with ProjectSauron, attribution becomes an unsolvable problem.'