Careto (Spanish slang for "face"), sometimes called The Mask, is a piece of espionage malware discovered by Kaspersky Lab in 2014.
Because of its high level of sophistication and professionalism, and a target list that included diplomatic offices and embassies, Careto is believed to be the work of a nation state.
From the information that has been uncovered, the victims were infected with the malware by clicking on a spear phishing link which redirected to websites that had software that Careto could exploit, such as Adobe Flash Player.
The websites that contained the exploitable software had names similar to popular newspapers, such as The Washington Post and The Independent.
Evidence of a possible fourth type of backdoor to Android and IOS was discovered on the C&C servers, but no samples were found.