
SoylentNews is people

posted by on Thursday April 06 2017, @12:03PM
from the acid-burn-and-crash-override dept.

Back in the 90s, in 1996, when the Internet was barely a few years old, two cyber-espionage groups dominated the cyber-space: Moonlight Maze and the Equation Group.

Their operations shocked the world and made people realize that hackers are also capable of stealing state secrets, not just money from bank accounts. That's when the term cyber-warfare became reality and not just the plot of B-rated Hollywood movies.

While details collected about the Equation Group across the years have allowed researchers to issue theories on its connections with the US National Security Agency, very few details were collected about Moonlight Maze, the first ever APT.

Moonlight Maze, the first ever APT

The group was active in the late 90s and seemed to have disappeared at the turn of the century. Their attacks were studied and studied again and their mode of operation became standard practice for malware and cyber-attackers.

The group and its attacks achieved mythical status in the cyber-security world and were the subject of many books.

Through the years, Moonlight Maze hacked many important US targets such as government agencies and top universities. Victims included the Pentagon, NASA, the US Navy, and the Department of Energy, just to name the bigger ones.

[...] The hunt continues

While 100% attribution is never certain in cyber-espionage campaigns, the clues uncovered on the HRTest server revealed more insight into Moonlight Maze operations than ever before.

Kaspersky researchers are now making a public plea to other sysadmins that still have old servers running or tucked somewhere on their network. If they still have logs going back to those early days of the Internet and they have evidence the server was [compromised], researchers can be reached via email.

The full Kaspersky report can be found here [pdf], IOCs are here [pdf], and YARA rules for discovering Moonlight Maze malware are here.

Source: BleepingComputer



 
  • (Score: 4, Insightful) by Arik on Thursday April 06 2017, @02:03PM (7 children)

    by Arik (4543) on Thursday April 06 2017, @02:03PM (#489655) Journal
    "in 1996, when the Internet was barely a few years old"

    What's that noise? Oh, it's my bullshit detector, just a moment, let me turn it down, it's deafening.

    I didn't bother reading TFA, the author is clearly an ignoramus who doesn't have the slightest clue what he's talking about.
    --
    If laughter is the best medicine, who are the best doctors?
  • (Score: 2, Funny) by Anonymous Coward on Thursday April 06 2017, @02:21PM

    by Anonymous Coward on Thursday April 06 2017, @02:21PM (#489659)

    He should have said, "In 1996, during the Third Age of the Internet, as the Neckbeards were leaving Middle Net for the Grey Havens...."

    I'm not sure if I'm being serious or not, but that's how I see the history of the internet.

    Also, one does not simply walk into Moonlight Maze.

  • (Score: 2) by Runaway1956 on Thursday April 06 2017, @02:28PM (3 children)

    by Runaway1956 (2926) Subscriber Badge on Thursday April 06 2017, @02:28PM (#489661) Journal

    Let's boil the story down.

    "We think Turla is just this old nemesis, Moonlight Maze recycled. The more we research, the more we convince ourselves that this is true."

    That assumption is based on some similarities in MM code and Turla code - despite the fact that the article clearly states that others have based their work on Moonlight's exploits.

    Not only are they guilty of bad grammar*, but they are on a simple self-aggrandizement trip.

    *Bad Grammar - put the walker back in the closet!!

    • (Score: 3, Informative) by bob_super on Thursday April 06 2017, @05:53PM (2 children)

      by bob_super (1357) on Thursday April 06 2017, @05:53PM (#489757)

      Someone's also breaking the journalism rules of always spelling out your acronyms at first use, in both TFA and TFS...
      https://en.wikipedia.org/wiki/Apt [wikipedia.org]

      • (Score: 2) by c0lo on Thursday April 06 2017, @08:27PM (1 child)

        by c0lo (156) Subscriber Badge on Thursday April 06 2017, @08:27PM (#489837) Journal

        Resolved to Advanced Persistent Threat [wikipedia.org], thanks.

        --
        https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
        • (Score: 2) by Osamabobama on Thursday April 06 2017, @11:14PM

          by Osamabobama (5842) on Thursday April 06 2017, @11:14PM (#489918)

          I was thinking more along the lines of 'apt-get.' I'll have to check the man page, but isn't one of the optional arguments 'state-secrets?'

          --
          Appended to the end of comments you post. Max: 120 chars.
  • (Score: 3, Informative) by butthurt on Thursday April 06 2017, @09:30PM (1 child)

    by butthurt (6141) on Thursday April 06 2017, @09:30PM (#489857) Journal

    > "in 1996, when the Internet was barely a few years old"

    It was 27 but one must admit that it looked young for its age.

    http://www.slate.com/articles/technology/technology/2009/02/jurassic_web.html [slate.com]
    http://www.businessinsider.com/internet-in-1969-2014-1 [businessinsider.com]

    • (Score: 2) by Arik on Friday April 07 2017, @02:07AM

      by Arik (4543) on Friday April 07 2017, @02:07AM (#489993) Journal
      The web of 1996 was smaller, but it was far more sane.

      The email virus was still only an urban myth, and while we were already three years into September, the majority of the net was still thriving, blissfully unaffected.
      --
      If laughter is the best medicine, who are the best doctors?