SoylentNews is people

posted by mrpg on Sunday August 13 2017, @07:41PM
from the so-everyone-is-the-enemy? dept.

A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday.

Eternal Blue, as the exploit is code-named, is one of scores of advanced NSA attacks that have been released over the past year by a mysterious group calling itself the Shadow Brokers. It was published in April in the group's most damaging release to date. Its ability to spread from computer to computer without any user action was the engine that allowed the WCry ransomware worm, which appropriated the leaked exploit, to shut down computers worldwide in May. Eternal Blue also played a role in the spread of NotPetya, a follow-on worm that caused major disruptions in June.

Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.

Source: Russian group that hacked DNC used NSA attack code in attack on hotels


  • (Score: 4, Insightful) by fustakrakich on Sunday August 13 2017, @07:55PM (8 children)

    by fustakrakich (6150) on Sunday August 13 2017, @07:55PM (#553346) Journal

    Theirs simply repeated the accusation.

    But, we all know that the DNC was not hacked.

    they're moderately confident... While the researchers didn't directly observe those attacks...

    But the Russians are guilty as fuck anyway, right?

    *sigh*

    --
    La politica e i criminali sono la stessa cosa..
    • (Score: 5, Insightful) by frojack on Sunday August 13 2017, @08:57PM (7 children)

      by frojack (1554) on Sunday August 13 2017, @08:57PM (#553361) Journal

      More importantly, everybody in the press looks past the fact that all of this was made possible by your friendly US Government. The same government that wants back doors into everything but apparently can't keep their own doors shut.

      Imagine the trouble we would all be in if they got their way, and every machine had their back doors, and those were leaked to every hacker on the net, as we know they would be.

      Internet e-commerce would cease to be a thing. It would be back to printed catalogs and telephone orders.
      All the crazy dreams of on-line voting would be shot to hell.
      There'd be little point in advertising on the web, because nothing on the web could be trusted.
      No one would bother to tweet anything, because source could never be verified.

      Wait.... oh, Never mind.

      --
      No, you are mistaken. I've always had this sig.
      • (Score: 4, Informative) by Thexalon on Sunday August 13 2017, @10:16PM

        by Thexalon (636) on Sunday August 13 2017, @10:16PM (#553384)

        The hotel hack was made possible by the good old NSA, who has plainly made the decision that attacking other people's networks is more important than securing our own networks.

        However, whatever happened at the DNC has never been proven to be a hack, much less a Russian hack. And if it was a hack, it wasn't a sophisticated hack: According to the DNC, John Podesta fell for a simple phishing email that could have been pulled off by most Soylentils, and it could have been thwarted by simple 2-factor authentication. And there's apparently significant evidence that it wasn't actually a hack, but a leak, just like Wikileaks said all along. But no surprise that "OMG! The Russians are coming!" was an easier story for the DNC to tell than "We're a bunch of idiots who are a solid decade behind the times technologically, which might have something to do with our IT being managed by people chosen for their generous donations to the Clintons than for their actual IT skills."

        --
        The only thing that stops a bad guy with a compiler is a good guy with a compiler.
      • (Score: 1, Informative) by Anonymous Coward on Monday August 14 2017, @01:15AM

        by Anonymous Coward on Monday August 14 2017, @01:15AM (#553411)

        And even funnier is that no one is denying the bad stuff in the emails. The big complaint is that everybody found out how bad the democrats were.

      • (Score: 0) by Anonymous Coward on Monday August 14 2017, @02:45AM (2 children)

        by Anonymous Coward on Monday August 14 2017, @02:45AM (#553432)

        This wasn't even a big ol hack. It was basically someone knew the passwords (password btw). That someone was an insider. They have a pretty good idea who it was.

        What is more interesting is the reaction to the leak instead of what was leaked. What was leaked is much much worse. I think their 'pied piper' stratagem failed on them (their words out of the emails). They have been pulling this boxing negotiation tactic for years by boxing their opponents into extreme positions. Trump flipped the table on them by taking on the position moderating back and then making them look like fools for bringing it up. He is now doing the same thing to the RNC. He is doing what he has done since his 20s. He is a power negotiator. He knows how to roll with their crap and hand it right back to them and give him exactly what he needs. Information. He now knows what they find valuable and what he can use to get what he wants. All of those tweets are to get his opponents to show their cards. It is amazing they fall for it and continue to fall for it. He is using it to put them off balance. It is a thing of amazement to watch.

        The next admin will get to spend years talking about how they are 'undoing the Trump administration's damage'. When in fact they will continue it. Because by then it will be clear it works.

        The march this last weekend is a perfect picture of how these jackasses work. They create fake controversy. Think of all of your republican friends and neighbors (they are ~30-50% of the population depending on how you count). Name one that has a nazi flag and then name one that will parade that thing around. None. Suddenly they have hundreds of them and no American flags? I am calling shenanigans. It is just blatant at this point.

        Think if they just worked with the man instead of opposing him. He spent his life building large construction projects. Think of our failing infrastructure and what he could do. Think if we had a good healthcare instead of very expensive catastrophic insurance. Just think. It could be amazing. Instead we will have 3.5 years of bitching about how terrible he is with no real 'terrible' showing up than made up bullshit.

        • (Score: 0) by Anonymous Coward on Monday August 14 2017, @03:38AM (1 child)

          by Anonymous Coward on Monday August 14 2017, @03:38AM (#553459)

          The Republican neighbors all have Confederate flags, not Nazi flags. They also parade them around and get them detailed on to their Ford F-150s.

          TBH, I think I'd rather have Nazi fashion. It's so much snappier.

          Plus, it doesn't help that their idea of the Confederacy isn't wealthy young officers and Southern belles. I could go for wealthy young officers and Southern belles, but we apparently can't have nice things.

          • (Score: 0) by Anonymous Coward on Monday August 14 2017, @06:28AM

            by Anonymous Coward on Monday August 14 2017, @06:28AM (#553526)

            I think I'd rather have Nazi fashion. It's so much snappier.

            Yes, that's how we figured out they're gay. They probably know the words to "Clang Clang Clang Goes the Trolley" also.

      • (Score: 2) by kaszz on Monday August 14 2017, @03:26AM (1 child)

        by kaszz (4211) on Monday August 14 2017, @03:26AM (#553454) Journal

        And the catalogs could not be printed because the desktop publisher and the printer were pw0ned and so was the SS7 phone system. I'll guess that will be handwriting and horse delivery..

        • (Score: 0) by Anonymous Coward on Monday August 14 2017, @03:41AM

          by Anonymous Coward on Monday August 14 2017, @03:41AM (#553461)

          guess that will be handwriting and horse delivery..

          Free upgrade to pony express with Amazon Prime.

  • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @08:41PM (2 children)

    by Anonymous Coward on Sunday August 13 2017, @08:41PM (#553355)

    Like a 3-year-old's booger-encrusted security blanket, conspiracy nutters and tabloid media simply can't part with the worn-out "teh Rushins dood it!!!" narrative.

    For pity's sake, every damned security agency on the planet, and their NGO proxies, engage in creepy, shady shit. All of them. Most of it forever hidden from second-rate "security consultants" and scoop-hungry journos.

    So can we drop the hypocrisy and click-baiting on this dead horse?

    There is much more real trouble in the world to attend to.

    • (Score: 3, Insightful) by Anonymous Coward on Sunday August 13 2017, @09:14PM

      by Anonymous Coward on Sunday August 13 2017, @09:14PM (#553367)

      And apparently the DNC had a pretty bad ass network. With a 21MB per second up rate. Or it was a usb 2.0 drive.

    • (Score: 0) by Anonymous Coward on Monday August 14 2017, @03:44AM

      by Anonymous Coward on Monday August 14 2017, @03:44AM (#553463)

      There is much more real trouble in the world to attend to.

      We could use some Engineers without Borders stories, now that you mention it. I'll see what I can dig up.

      If more people were interested in projects like Engineers without Borders, the push for STEM might make a bit of sense, and the world would be a better place.

  • (Score: 0) by Anonymous Coward on Monday August 14 2017, @04:54AM

    by Anonymous Coward on Monday August 14 2017, @04:54AM (#553485)

    When the government can compel the corporation to include and not patch vulnerabilities for "national security" purposes it's not good for you. M$ itself says:

    Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

    The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. This is one reason we called in February for a new “Digital Geneva Convention” to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.

    -- https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/ [microsoft.com]

  • (Score: 0) by Anonymous Coward on Monday August 14 2017, @03:25PM

    by Anonymous Coward on Monday August 14 2017, @03:25PM (#553709)

    With the evidence to the contrary [consortiumnews.com], you would think Ars would be concerned about being sued for libel for using a headline saying "Russian group that hacked DNC..."
