Just like Red October this has been going on for a long time and the antivirus / malware community has been caught with their pants down. They did this by sunberting TeamViewer. They were detected because after 10 years of impunity, the team has been getting sloppy. http://www.theregister.co.uk/2013/03/21/teamspy_cyber_espionage/