Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.
It was designed to steal encrypted files - and was even able to recover files that had been deleted. One expert described the attack find as "very significant".
"It appears to be trying to suck up all the usual things - word documents, PDFs, all the things you'd expect," said Prof Alan Woodward, from the University of Surrey. "But a couple of the file extensions it's going after are very specific encrypted files."
In a statement, Kaspersky Labs said: "The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America. The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment."
Source: BBC News
