Skip to main content

Topic: Russian researchers expose breakthrough U.S. spying program (Read 1964 times)

  • krake
  • [*][*][*][*][*]
Russian researchers expose breakthrough U.S. spying program
UPDATE 2-Russian researchers expose breakthrough U.S. spying program

Quote
The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.

Raiu said the authors of the spying programs must have had access to the proprietary source code that directs the actions of the hard drives.
"There is zero chance that someone could rewrite the [hard drive] operating system using public information," Raiu said.

Western Digital, Seagate and Micron said they had no knowledge of these spying programs. Toshiba and Samsung declined to comment. IBM did not respond to requests for comment.


Take care, your hardware is watching you. :)

Re: Russian researchers expose breakthrough U.S. spying program
Reply #1
Indeed.

http://www.reuters.com/article/2014/03/07/us-russia-cyberespionage-insight-idUSBREA260YI20140307

Quote
Reuters) - A sophisticated piece of spyware has been quietly infecting hundreds of government computers across Europe and the United States in one of the most complex cyber espionage programs uncovered to date.

Several security researchers and Western intelligence officers say they believe the malware, widely known as Turla, is the work of the Russian government and linked to the same software used to launch a massive breach on the U.S. military uncovered in 2008.

It was also linked to a previously known, massive global cyber spying operation dubbed Red October targeting diplomatic, military and nuclear research networks.

Those assessments were based on analysis of tactics employed by hackers, along with technical indicators and the victims they targeted.

"It is sophisticated malware that's linked to other Russian exploits, uses encryption and targets western governments. It has Russian paw prints all over it," said Jim Lewis, a former U.S. foreign service officer, now senior fellow at the Center for Strategic and International Studies in Washington.


.....

Quote
Kaspersky Lab researcher Kurt Baumgartner said he believes Turla and Agent.BTZ are related to Red October, which suddenly shut down after his firm reported on it in January 2013.


...

Quote
The malware is a "root kit" that hides the presence of the spying operation and also creates a hidden, encrypted file system to store stolen data and tools used by the attackers, he said. Those tools include password stealers, tiny programs for gathering information about the system and document stealers.

The operators can download specialized tools onto an infected system, adding any functionality they want by including it in the encrypted file system, Blasco said.

They have used dozens of different "command and control" servers located in countries around the world to control infected systems, according to Symantec, whose researchers have helped identify and shut down some of those systems.

Researchers say Turla's code is regularly updated, including changes to avoid detection as anti-virus companies detect new strains. BAE said it had two samples created in January 2014.


Want to continue pretending only the American government puts spyware on computers

  • krake
  • [*][*][*][*][*]
Re: Russian researchers expose breakthrough U.S. spying program
Reply #2
UPDATE 3-Kaspersky claims to have found NSA's 'space station malware'

Kaspersky malware probers have uncovered a new 'operating system'-like platform that was developed and used by the National Security Agency (NSA) in its Equation spying arsenal.

"It's important to note that EquationDrug is not just a trojan, but a full espionage platform, which includes a framework for conducting cyberespionage activities by deploying specific modules on the machines of selected victims," Kaspersky researchers say in a report.

The platform is part of the NSA's possibly ongoing campaign to infect hard disk firmware. It replaces the older EquationLaser and is itself superseded by the GrayFish platform.

  • tt92
  • [*][*][*][*][*]
Re: Russian researchers expose breakthrough U.S. spying program
Reply #3



Take care, your hardware is watching you. :)

I've known about that ever since I first saw your avatar.

  • Belfrager
  • [*][*][*][*][*]
Re: Russian researchers expose breakthrough U.S. spying program
Reply #4
Exposing US spying activity has no consequences. US brain stultifying activity already blocks it.
A matter of attitude.