Submitted via IRC for chromas
The US Military Just Publicly Dumped Russian Government Malware Online
Usually it's the Russians that dump their enemies' files. This week, US Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity-focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered.
CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack US systems: we may release your tools to the wider world.
"This is intended to be an enduring and ongoing information sharing effort, and it is not focused on any particular adversary," Joseph R. Holstead, acting director of public affairs at CYBERCOM, told Motherboard in an email.
On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.
(Score: 3, Interesting) by Snotnose on Monday November 12 2018, @12:59AM (1 child)
Do you really think the Russians (or current bogeyman) are the only ones that know about these vulnerabilities? IMHO, the more "secret" agencies that dump what they know into breaking into a system, the better for all of us.
Fix the damned holes, especially the ones you know about. There is no excuse, if I lose my banking info to hackers some Cxx Dude that cut the IT budget needs to go to prison.
Make the guys (yeah, no women show up in a cursory search) personally responsible. If I have to spend $1k and 6 months of my life fixing an identity theft that you decided wasn't worth paying the money to defend against, then fuck you. Fuck you royally, fuck your family, fuck your education. Flat out, fuck you. I hope you like your cellie, cuz if I have my way he's gonna be your best friend for 10 years.
When the dust settled America realized it was saved by a porn star.
(Score: 0) by Anonymous Coward on Monday November 12 2018, @11:15PM
No, of course not. I'd be willing to say that an evaluation was made to tell if what's being dumped is in active use by our own TLAs to ensure that no active bugs were dumped first. Both make it look like we're the good ones revealing these security holes to the world when they've really been decommissioned as viable exploits by our TLAs. I have no evidence for this, but it follows logically that our TLAs would not leak anything in active use.
Actually there is, if a TLA is actively using that hole.
How do we know that it was the fault of budget cuts and not a TLA plant? You don't think they do that? They intercept Cisco routers in the mail and plant bugs. It's been documented. I mean if we're going to end someone's career over this let's get the right guys ok?
Please calm down and lay off the Kool-Aid. If you have legitimately been the victim of a bank information leak then you really need to hire the services of a lawyer to recoup those financial losses you had to endure due to the incident. If not, getting hurt about a non-event only hurts you.
Note: TLA = Three Letter Agency, FBI, CIA, NSA, DEA, etc.