Although the origin of the attack was not disclosed, it said the main objective of the attackers was to gather sensitive data from the infected systems.
Kaspersky found "infections" across nations -- Argentina, Belgium, Brazil, China, Cuba, Egypt, France, Germany, Iran, Iraq, Libya, Pakistan, Turkey, the UK and the US.
Codenamed 'The Mask' (aka Careto), the tool includes an extremely sophisticated malware, a rootkit, a bootkit, Mac operating system X and Linux versions and possibly versions for Android and iOS (iPad/iPhone), Kaspersky said in a statement.
"Several reasons make us believe this could be a nation-state sponsored campaign. First of all, we observed a very high degree of professionalism in operational procedures of the group behind this attack.
Also Read
"From infrastructure management, shutdown of the operation, avoiding curious eyes through access rules and using wiping instead of deletion of log files," Kaspersky Lab Director of the Global Research and Analysis Team (GReAT) Costin Raiu said.
The primary targets of attacks are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organisations and activists.
"The Mask is an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations since at least 2007," Kaspersky said.
Victims of this targeted attack have been found in 31 countries across the world -- from the Middle East and Europe to Africa and the Americas, Kaspersky said.
For the victims, an infection with Careto can be disastrous.
"Careto intercepts all communication channels and collects the most vital information from the victim's machine. Detection is extremely difficult because of stealth rootkit capabilities, built-in functionalities and additional cyber-espionage modules," it said.