SoylentNews is people

posted by martyb on Thursday March 22 2018, @06:37PM
from the malware-is-malware-no-matter-who-controls-it dept.

US officials: Kaspersky "Slingshot" report burned anti-terror operation

A malware campaign discovered by researchers for Kaspersky Lab this month was in fact a US military operation, according to a report by CyberScoop's Chris Bing and Patrick Howell O'Neill. Unnamed US intelligence officials told CyberScoop that Kaspersky's report had exposed a long-running Joint Special Operations Command (JSOC) operation targeting the Islamic State and Al Qaeda.

The malware used in the campaign, according to the officials, was used to target computers in Internet cafés where it was believed individuals associated with the Islamic State and Al Qaeda would communicate with their organizations' leadership. Kaspersky's report showed Slingshot had targeted computers in countries where ISIS, Al Qaeda, and other radical Islamic terrorist groups have a presence or recruit: Afghanistan, Yemen, Iraq, Jordan, Turkey, Libya, Sudan, Somalia, Kenya, Tanzania, and the Democratic Republic of Congo.

The publication of the report, the officials contended, likely caused JSOC to abandon the operation and may have put the lives of soldiers fighting ISIS and Al Qaeda in danger. One former intelligence official told CyberScoop that it was standard operating procedure "to kill it all with fire once you get caught... It happens sometimes and we're accustomed to dealing with it. But it still sucks. I can tell you this didn't help anyone."

This is good malware. You can't expose the good malware!

Related: Kaspersky Claims to have Found NSA's Advanced Malware Trojan
Ties Alleged Between Kaspersky Lab and Russian Intelligence Agencies
Kaspersky Willing to Hand Source Code Over to U.S. Government
Kaspersky Lab has been Working With Russian Intelligence
FBI Reportedly Advising Companies to Ditch Kaspersky Apps
Federal Government, Concerned About Cyberespionage, Bans Use of Kaspersky Labs Products
Kaspersky Lab and Lax Contractor Blamed for Russian Acquisition of NSA Tools


  • (Score: 4, Interesting) by bob_super on Thursday March 22 2018, @07:21PM (3 children)

    by bob_super (1357) on Thursday March 22 2018, @07:21PM (#656802)

    1) why do they admit that it was theirs, and describe the way they were using the virus?

    2) was that program actually working? If you're gonna tell us, and tell the bad guys to be paranoid, should you be bragging that the thing was helping?

    3) who's getting extradited for computer breaches inside a foreign sovereign state?

  • (Score: 5, Interesting) by number11 on Thursday March 22 2018, @07:39PM

    by number11 (1170) Subscriber Badge on Thursday March 22 2018, @07:39PM (#656814)

    1) why do they admit that it was theirs, and describe the way they were using the virus?

    This. Normally, they would deny it, even if there is overwhelming evidence, or have no comment. They are admitting it for a reason. The story is not that they did it, of course they do stuff like that. The story is that they admit it.

    Why? I don't know. To attack Kaspersky? To attack security researchers in general, at least the ones that they don't control? To encourage the scum who want backdoors in everything? To draw attention away from something else? To obliquely brag that they'd gotten away with it for years? To get adversaries to shift to a different communication channel, which has already been compromised?

  • (Score: 5, Insightful) by zocalo on Thursday March 22 2018, @07:44PM

    by zocalo (302) on Thursday March 22 2018, @07:44PM (#656822)
    I'm guessing it boils down to the code was blown, and now being detected by anti-virus signatures, Kaspersky Labs was responsible for that, and since there's an on-going smear campaign against Kaspersky Labs (for which the US has *still* to provide any real evidence), so they thought they might as well salvage something from it and add a tenuous claim of "putting American lives in danger" to the pile of completely unsubstantiated allegations. Of course, that completely ignores the possibility that the same vulnerabilities they are exploiting were already known to another nation state or group hostile to the US and really was being used to put US lives in danger because they hadn't informed the relevant vendor of the flaw and enabling them to fix it. Probably not the case on this occasion due to locations where the exploit has been detected, although it's possible that another independently coded version exploit wouldn't be detected by Kaspersky Labs, but given previous leaks of NSA exploit code it seems highly unlikely that they would all only be known to the US.
    --
    UNIX? They're not even circumcised! Savages!
  • (Score: 3, Informative) by RamiK on Thursday March 22 2018, @08:30PM

    by RamiK (1813) on Thursday March 22 2018, @08:30PM (#656844)

    3) who's getting extradited for computer breaches inside a foreign sovereign state?

    Well, according to the new judicial standard [theintercept.com], a measured response in this case would be bombing a small, American-owned, warehouse in the US.

    --
    compiling...