
SoylentNews is people

posted by mrpg on Sunday August 13 2017, @07:41PM
from the so-everyone-is-the-enemy? dept.

A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday.

Eternal Blue, as the exploit is code-named, is one of scores of advanced NSA attacks that have been released over the past year by a mysterious group calling itself the Shadow Brokers. It was published in April in the group's most damaging release to date. Its ability to spread from computer to computer without any user action was the engine that allowed the WCry ransomware worm, which appropriated the leaked exploit, to shut down computers worldwide in May. Eternal Blue also played a role in the spread of NotPetya, a follow-on worm that caused major disruptions in June.

Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.

Source: Russian group that hacked DNC used NSA attack code in attack on hotels


  • (Score: 4, Informative) by Thexalon on Sunday August 13 2017, @10:16PM

    by Thexalon (636) on Sunday August 13 2017, @10:16PM (#553384)

    The hotel hack was made possible by the good old NSA, who has plainly made the decision that attacking other people's networks is more important than securing our own networks.

    However, whatever happened at the DNC has never been proven to be a hack, much less a Russian hack. And if it was a hack, it wasn't a sophisticated hack: According to the DNC, John Podesta fell for a simple phishing email that could have been pulled off by most Soylentils, and it could have been thwarted by simple 2-factor authentication. And there's apparently significant evidence that it wasn't actually a hack, but a leak, just like Wikileaks said all along. But no surprise that "OMG! The Russians are coming!" was an easier story for the DNC to tell than "We're a bunch of idiots who are a solid decade behind the times technologically, which might have something to do with our IT being managed by people chosen for their generous donations to the Clintons rather than for their actual IT skills."

    --
    The only thing that stops a bad guy with a compiler is a good guy with a compiler.