Submitted via IRC for chromas
The US Military Just Publicly Dumped Russian Government Malware Online
Usually it's the Russians that dump its enemies' files. This week, US Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered.
CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack US systems: we may release your tools to the wider world.
"This is intended to be an enduring and ongoing information sharing effort, and it is not focused on any particular adversary," Joseph R. Holstead, acting director of public affairs at CYBERCOM told Motherboard in an email.
On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.
(Score: 4, Informative) by RandomFactor on Monday November 12 2018, @03:00AM
They also setup a twitter account where they will announce future such uploads: https://twitter.com/CNMF_VirusAlert [twitter.com]
Note that this is a new initiative targeted at foreign APT malware (APT = Advanced Persistent Threat)
ZD has an article on it also https://www.zdnet.com/article/us-cyber-command-starts-uploading-foreign-apt-malware-to-virustotal/ [zdnet.com]
В «Правде» нет известий, в «Известиях» нет правды