
SoylentNews is people

posted by janrinok on Wednesday December 21, @04:23PM

Hackers Distributed a Trojanized Build of Windows 10 to Infiltrate Ukrainian Targets - ExtremeTech:

Downloading a copy of Windows from shady online sources is never a good idea, but it was even more dangerous in Ukraine recently. Cybersecurity firm Mandiant identified a trojanized version of Windows 10 being distributed online, and it was modified specifically to gain access to Ukrainian computer systems. While there are no clear fingerprints on the malicious ISO, Mandiant notes the targets overlap with previous operations from Russia's security services.

The Windows installer purports to be a 64-bit build of Windows 10, labeled "Win10_21H2_Ukrainian_x64.iso." It uses the Ukrainian language pack and was distributed primarily on toloka.to, a torrent tracker that focuses on Ukrainian users. It also appeared on a Russian torrent tracker. It seems likely this malware campaign is connected to the ongoing war in Ukraine.

According to Mandiant, the campaign doesn't appear to have any financial motive — there are no ransomware installers or crypto miners to be seen. Distributing a Windows ISO isn't the most efficient way to get malicious packages onto machines, though. It is, however, useful if you want complete access to a system, with the ability to install additional malware packages when you find a juicy target. The way these additional tools were deployed led Mandiant to suspect Russia's GRU spy agency and government-backed hacking groups like APT28.

Installing the malicious ISO will get you what appears to be a fully functional version of Windows 10, but the underlying code has been modified in several vital ways. For one, it doesn't send security telemetry back to Microsoft as a regular build of Windows does. After installation, embedded tools scan the system for useful information via scheduled and modified system tasks. That data is then sent to a remote server. Some installations were also loaded with additional malware tools after installation, suggesting these targets were of particular interest to the hackers.

Of course, we wouldn't fall for this, would we? But I bet we all know someone who would happily install similar software if it was in their own language.
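The practical defence against a trojanized installer like the one described above is the boring one: only take the ISO from the vendor and check its SHA-256 against the hash the vendor publishes before you boot it. The following is an added example, not code from the ExtremeTech article, Mandiant's report, or Microsoft; it assumes a plain-text hash list in the common "<sha256>  <filename>" form, and the sample list and its digests embedded here are constructed placeholders, not real Microsoft values.

```python
"""Verify a downloaded ISO against a vendor-published SHA-256 hash list.

Added example (not from the article or from Mandiant). Assumes a plain-text
hash list of "<sha256>  <filename>" lines; the sample below is constructed and
its digests are placeholders, not real published hashes.
"""
import hashlib
import hmac
import io
import re

# Constructed placeholder digests (64 hex chars each), NOT real values.
PLACEHOLDER_EN = "0" * 63 + "1"
PLACEHOLDER_UA = "0" * 63 + "2"

# Constructed sample of a published hash list. A real list comes only from
# the vendor's own download page, fetched over HTTPS, never from the tracker.
SAMPLE_HASH_LIST = (
    "# sha256  filename\n"
    + PLACEHOLDER_EN + "  Win10_21H2_English_x64.iso\n"
    + PLACEHOLDER_UA + "  Win10_21H2_Ukrainian_x64.iso\n"
)

_HEX64 = re.compile(r"^[0-9a-fA-F]{64}$")


def parse_hash_list(text):
    """Return {filename: lowercase sha256 hex} parsed from a hash-list file.

    Blank, comment, and malformed lines are skipped rather than trusted, so a
    corrupted or truncated list can never silently "verify" a file.
    """
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or not _HEX64.match(parts[0]):
            continue
        digest, name = parts
        table[name.strip()] = digest.lower()
    return table


def sha256_of_stream(fileobj, chunk_size=1 << 20):
    """Hash a (possibly multi-GB) file in chunks without loading it all."""
    h = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def sha256_of_bytes(data):
    return sha256_of_stream(io.BytesIO(data))


def digests_match(actual_hex, expected_hex):
    """Case-insensitive, constant-time comparison of two hex digests."""
    return hmac.compare_digest(actual_hex.lower(), expected_hex.lower())


def verify_digest(actual_hex, filename, hash_list_text):
    """Return (ok, reason). A filename absent from the list fails closed."""
    expected = parse_hash_list(hash_list_text).get(filename)
    if expected is None:
        return False, "no published hash for %s; do not install" % filename
    if digests_match(actual_hex, expected):
        return True, "sha256 matches the published value"
    return False, "sha256 MISMATCH (got %s); do not install" % actual_hex


def verify_bytes(data, filename, hash_list_text):
    return verify_digest(sha256_of_bytes(data), filename, hash_list_text)


def verify_file(path, filename, hash_list_text):
    """Verify an ISO on disk; `filename` is the name as listed by the vendor."""
    with open(path, "rb") as f:
        return verify_digest(sha256_of_stream(f), filename, hash_list_text)


if __name__ == "__main__":
    # Constructed demo: a fake download body checked against the sample list.
    fake_iso = b"this is not a real Windows image"
    print(verify_bytes(fake_iso, "Win10_21H2_Ukrainian_x64.iso", SAMPLE_HASH_LIST))
    print(verify_bytes(fake_iso, "SomeOther.iso", SAMPLE_HASH_LIST))
```

Two design points: the comparison uses `hmac.compare_digest` so the check cannot be short-circuited by a partially matching digest, and an ISO whose name is not in the published list is rejected rather than waved through, which is exactly the case a renamed or repackaged image would hit.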


  • (Score: -1, Troll) by Anonymous Coward on Wednesday December 21, @06:10PM (17 children)

    by Anonymous Coward on Wednesday December 21, @06:10PM (#1283490)

    Ukraine is one of the most corrupt countries in the world. Easily in the top 8.

    Are you surprised corruption leads to downloading illegal software?

    Are you surprised Democrats are sending billions of dollars to a corrupt country with a movie-star for a leader?

    • (Score: 3, Interesting) by JoeMerchant on Wednesday December 21, @06:20PM

      by JoeMerchant (3937) on Wednesday December 21, @06:20PM (#1283492)

      The movie star thing is just laughable... there's a whole Netflix series which no doubt paints him as the plucky hero that people will want to root for.

      Newsflash: I don't care how plucky hero likable the leader of Ukraine is, or was. When Moscow started to occupy the Crimea it should have been stopped then. Both sides of the aisle in DC should stand up against "Lebensraum" campaigns anywhere, particularly when nuclear weapons were exchanged with "peace guarantees" proven to be hollow so shortly thereafter.

      I'm not a fan of Bush Sr. (much less a fan of W), but: the bushy "New World Order" is good for global business on a peaceful basis. What we've got going in Ukraine right now is good for weapons manufacturers. If we must serve our corporate overlords, I'd much rather be serving the ones that don't make things that go BOOM! Otherwise, we're back in Afghanistan, Vietnam, Korea, etc.

      --
      Ukraine is still not part of Russia. Glory to Ukraine 🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
    • (Score: 3, Informative) by RamiK on Wednesday December 21, @07:07PM (15 children)

      by RamiK (1813) on Wednesday December 21, @07:07PM (#1283494)

      These are the top 20 countries using pirated software as of February 2022:
      1. China
      2. Russia
      3. United States
      4. India
      5. Germany
      6. Brazil
      7. Ukraine
      8. France
      9. Italy
      10. Mexico
      11. Vietnam
      12. Taiwan
      13. Iran
      14. Turkey
      15. South Korea
      16. United Kingdom
      17. Indonesia
      18. Peru
      19. Poland
      20. Spain

      ( https://www.revenera.com/blog/software-monetization/software-piracy-stat-watch/ [revenera.com] )

      --
      compiling...
      • (Score: 2) by JoeMerchant on Wednesday December 21, @07:20PM (1 child)

        by JoeMerchant (3937) on Wednesday December 21, @07:20PM (#1283497)

        Up through the late 1990s, Microsoft all but openly encouraged the pirating of their software, it was clearly part of their market monopoly strategy: get EVERYBODY using it whether they paid for it or not.

        --
        Ukraine is still not part of Russia. Glory to Ukraine 🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
        • (Score: 2) by RamiK on Wednesday December 21, @08:43PM

          by RamiK (1813) on Wednesday December 21, @08:43PM (#1283503)

          They still do much the same when they turn a blind eye to the OEM license resellers that make $10-15 Windows Pro, Enterprise and Office licenses available.

          --
          compiling...
      • (Score: 0) by Anonymous Coward on Wednesday December 21, @08:19PM (10 children)

        by Anonymous Coward on Wednesday December 21, @08:19PM (#1283500)

        I didn't mean "one of the most corrupt countries" by the facet of using illegal software. I meant "one of the most corrupt countries" by the facet of just how much money the United States is laundering through the country, the activities of the Ukrainian government, the bioweapons labs, the propaganda to get America to hate Russia again, etc...

        • (Score: 2) by RamiK on Wednesday December 21, @10:05PM (9 children)

          by RamiK (1813) on Wednesday December 21, @10:05PM (#1283517)

          > how much money the United States is laundering through the country

          They're not significantly any different from their neighbors when it comes to money laundering: https://sanctionscanner.com/blog/major-money-laundering-countries-251 [sanctionscanner.com]

          > the bioweapons labs

          First I've heard of it but it seems to be a Russian fake news thing: https://news.un.org/en/story/2022/10/1129952 [un.org]

          > the propaganda to get America to hate Russia again

          The US hates anyone who poses military and economic competition. And, seeing how Russia and China stand out as mostly self-sufficient in food production and core civilian infrastructure capabilities, have trade surpluses (compared to the US's deficit) and hold substantial nuclear deterrence, they get singled out.
          If you go over the nations-by-trade-balance list and keep the above points in mind you'll realize it's a fairly consistent standard with no real exceptions: https://www.macrotrends.net/countries/ranking/trade-balance-deficit [macrotrends.net]

          --
          compiling...
          • (Score: 1) by khallow on Thursday December 22, @02:16AM (3 children)

            by khallow (3766) Subscriber Badge on Thursday December 22, @02:16AM (#1283546) Journal

            > The US hates anyone who poses military and economic competition. And, seeing how Russia and China stand out as mostly self-sufficient in food production and core civilian infrastructure capabilities, have trade surpluses (compared to the US's deficit) and hold substantial nuclear deterrence, they get singled out.

            Then why doesn't the EU get this alleged hate too? It too has all that (certainly more competitive than Russia which presents a low bar here) and it's much bigger than Russia by all the scales that matter.

            As to the alleged "self-sufficiency" of Russia and China, they wouldn't be that paranoid if they were truly that invulnerable politically and economically. In particular, you can't explain Putin's gamble in the Ukraine by self-sufficiency. My bet is that he's deeply worried that Russia will fall apart (and he becomes public enemy number one) if they don't get some external enemies going. There's something wrong with the narrative.

            The big thing missed here is that Russia and China are sociopathically shitty countries even by US standards.

            • (Score: 2) by RamiK on Thursday December 22, @01:50PM (2 children)

              by RamiK (1813) on Thursday December 22, @01:50PM (#1283583)

              > Then why doesn't the EU...

              The EU isn't energy or food independent so it's leverage-able.

              > they wouldn't be that paranoid

              It's not paranoia. All countries run propaganda and disinformation campaigns to affect other countries' public opinions, elections, destabilize things etc... Western democracies are simply adversarial by design so they're able to contain more of it so they don't suppress as aggressively. But for one party juntas like Russia and China there's a real threat other countries (doesn't have to be the western democracies. It can be another eastern junta too...) will start funneling money and arms to their opposition to raise revolts.

              > you can't explain Putin's gamble in the Ukraine by self-sufficiency

              Russia has long term concerns about its gas exports and food production due to climate change outcomes so they're acting on it. It's not significantly different from why the US and UK recently spent 30 years on oil wars.

              > The big thing missed here is that Russia and China are sociopathically shitty countries even by US standards.

              It's not missed. It's just too obvious that it's not worth repeating. Regardless, undeveloped, resource-rich countries end up with paranoid tyrannical homicidal maniacs in power since they're the only people zealous enough to resist all the money thrown at them from overseas. Otherwise, they end up being milked dry.

              Besides, don't lump Russia and China together like that. China takes in a huge amount of migrant workers from its surroundings. Like, 300 million in 2021 last time I checked? So, while we consider China shitty compared to the west in terms of civil rights, amnesties and the likes... By eastern standards, China is clearly better than its neighbors in many ways.

              --
              compiling...
              • (Score: 1) by khallow on Friday December 23, @01:07AM (1 child)

                by khallow (3766) Subscriber Badge on Friday December 23, @01:07AM (#1283661) Journal

                > The EU isn't energy or food independent so it's leverage-able.

                You can say the same of Russia and China. I would consider the EU more food independent than these two.

                > It's not paranoia. All countries run propaganda and disinformation campaigns to affect other countries' public opinions, elections, destabilize things etc... Western democracies are simply adversarial by design so they're able to contain more of it so they don't suppress as aggressively. But for one party juntas like Russia and China there's a real threat other countries (doesn't have to be the western democracies. It can be another eastern junta too...) will start funneling money and arms to their opposition to raise revolts.

                Sorry, it's raging, bug-eyed paranoia. It's not just the loony propaganda and disinformation (such as Russia's scaremongering over Ukrainian neo-nazis or China's ruthless suppression of even oblique criticism of the authorities - suppressing talk of Winnie the Pooh), but far more harmful actions such as Russia invading a neighbor and China imprisoning large portions of the Uyghur population.

                Western democracies have plenty of loony, paranoid people too, but there's no mechanism by which they can run things forever. Sooner or later they get voted out.

                And consider your last statement, western democracies have had plenty of money and arms funneled to their revolutionaries - the USSR did a lot of that BTW. It doesn't work so well because the system is stable and people are mostly satisfied with the state of things. Places where that isn't so are the ones with this problem. That's another demonstration of the inherent insufficiency of the authoritarian systems. They superficially have food and fuel covered, but only as long as their societies continue to function.

                > Russia has long term concerns about its gas exports and food production due to climate change outcomes so they're acting on it. It's not significantly different from why the US and UK recently spent 30 years on oil wars.

                "Acting on it" by invading Ukraine? Think about it. And it is significantly different since this war threatens to end Russia's ability to wage war in multiple ways. They really bit off a lot more than they could chew and yet they keep chewing. I also wager that climate change is more beneficial to Russia than advertised.

                > The big thing missed here is that Russia and China are sociopathically shitty countries even by US standards.

                > It's not missed. It's just too obvious that it's not worth repeating. Regardless, undeveloped, resource-rich countries end up with paranoid tyrannical homicidal maniacs in power since they're the only people zealous enough to resist all the money thrown at them from overseas. Otherwise, they end up being milked dry.

                When you speculate why the US allegedly "hates" these countries, particularly on some tenuous theory of self-sufficiency, while ignoring how badly they suck, it's a clear call that obvious facts need to be repeated to you.

                • (Score: 2) by RamiK on Friday December 23, @04:21AM

                  by RamiK (1813) on Friday December 23, @04:21AM (#1283679)

                  > You can say the same of Russia and China. I would consider the EU more food independent than these two.

                  China depends on fertilizer imports but is otherwise mostly self-sufficient in staples (or at least, could close the gap by 2025 if they decide to bother): https://jamestown.org/program/xi-seeks-to-accelerate-chinas-drive-for-self-sufficiency/ [jamestown.org]

                  Russia doesn't depend on fertilizer imports as badly as China and they could start making their own: https://www.statista.com/statistics/1103711/russia-food-self-sufficiency-rate-by-category/ [statista.com]

                  The EU depends on both fertilizer AND staples imports in huge quantities. There's no easy solution short of admitting Ukraine into the union.

                  You can get a feel for how significant the long-term issues with fertilizer use across Eurasia are, and why Ukraine is the focus of the current war, by looking at the before and after maps in this study and realizing they're leaving out some lands within national borders; if that wasn't a factor, everything would have been done in Ukraine: https://www.nature.com/articles/s43247-022-00360-6 [nature.com]

                  > but there's no mechanism by which they can run things forever. Sooner or later they get voted out.

                  Sure there is: Voting out democracy like the Germans did.

                  > It doesn't work so well because the system is stable and people mostly satisfied with the state of things

                  It doesn't work because those nations are rich enough that foreign capital isn't enough to corrupt local politics completely in favor of foreign interests.

                  > That's another demonstration of the inherent insufficiency of the authoritarian systems.

                  Economy breeds forms of government. Not the other way around. Democracy happened in the west when guns made knights redundant and gave power to the land owners. When industrialization peaked to levels where nations depend on their military-industrial complex, we more or less deteriorated into softened forms of fascism. The continual dependence on an educated middle class to keep technological innovation and management going is what keeps it all from falling apart into a military junta. However, the pace of growth is the only thing that keeps the balance and now that it's slowing down we're starting to see the cracks as social problems are being outsourced in the form of resource wars, characters like Trump get elected and Corporatists vs. Woke feuds erupt as a consequence of the socioeconomic changes going unrepresented in the political system for too long.

                  > When you speculate why the US allegedly "hates" these countries

                  Between "hate", "apathetic" and "love", you can scratch off "love" easily enough and eliminate "apathetic" simply by looking at just how much we talk about them. I guess you can add more resolution to the term "hate". Maybe, phobic? strongly dislike? concerned? disappointed? disgusted (with how much they suck)? Feel free to fill in the gaps. But, on the scale, it's definitely negative leaning towards "hate". Either way, people don't put up borders between one another to make friends. So, with my loose definition of hate in mind, we're a pretty hateful / xenophobic bunch by default.

                  > particularly on some tenuous theory of self-sufficiency

                  With the above in mind, consider why Americans, eh, dislike the French but like the British.

                  Mind you, my world view makes it easier to analyze stuff like racism and institutional discrimination and is backed up by research that shows even 3-month-old babies discriminate against the other: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC2566511/ [nih.gov]

                  So, it might be more correct to say the US, like all nations, hates all other nations with the exception of nations they feel they can afford to like due to positive trade relations / military leverage. It means the same thing of course. But it sounds more politically correct I guess? Different strokes...

                  --
                  compiling...
          • (Score: 0) by Anonymous Coward on Thursday December 22, @03:39PM (4 children)

            by Anonymous Coward on Thursday December 22, @03:39PM (#1283596)

            Yeah. It's *so* much Russian propaganda that it's literally listed on the US State Department website.

            https://ua.usembassy.gov/embassy/kyiv/sections-offices/defense-threat-reduction-office/biological-threat-reduction-program/ [usembassy.gov]

            • (Score: 2) by RamiK on Thursday December 22, @06:26PM (3 children)

              by RamiK (1813) on Thursday December 22, @06:26PM (#1283618)

              Have you even read the program description let alone the reports? There aren't any BSL-4 labs in Ukraine let alone ones operated by their military. They only have a BSL-3 diagnostic lab for growing cell cultures and such.

              --
              compiling...
              • (Score: 0) by Anonymous Coward on Thursday December 22, @08:44PM (2 children)

                by Anonymous Coward on Thursday December 22, @08:44PM (#1283632)

                > There aren't any BSL-4 labs in Ukraine let alone ones operated by their military. They only have a BSL-3 diagnostic lab for growing cell cultures and such.

                And no one has ever done anything off-label or against-label before.

                My cans of spraypaint say "Do not inhale". So they're safe, right? No one would ever label a lab BSL-3 and then do some hinkey shit, right? Even BSL-4 labs like Wuhan do stupid shit and then leak it...

                Accidents happen. Sometimes the accidents are even intentional.

                • (Score: 2) by RamiK on Friday December 23, @12:26AM

                  by RamiK (1813) on Friday December 23, @12:26AM (#1283659)

                  > And no one has ever done anything off-label or against-label before.

                  It's not about what they do. It's about what they CAN do. They simply don't have the staff and facilities to keep cultures and grow them for enough time and at sufficient quantities to perform the tests and selections you'd need for weapon research.

                  If a BSL-3 lab is an auto shop, a BSL-4 is a specialty shop that does overhauls and custom jobs, while a weapons lab is a car factory.

                  > Accidents happen. Sometimes the accidents are even intentional.

                  They're processing swabs and blood panels from local hospitals and the likes. Whatever mistake they make, it's already in the community.

                  > Even BSL-4 labs like Wuhan do stupid shit and then leak it...

                  Nothing got leaked from a lab in China. The last half dozen SARS viruses came from the local wildlife trade and there's no reason to think this one didn't come from it either: https://www.pnas.org/doi/10.1073/pnas.2214427119 [pnas.org]

                  Just like how there are BSL-4 facilities in Gabon to deal with the Ebola outbreaks, Wuhan has its own labs. It's standard practice to keep labs near problem areas: https://www.globalbiolabs.org/ [globalbiolabs.org]

                  --
                  compiling...
                • (Score: 1) by khallow on Friday December 23, @01:12AM

                  by khallow (3766) Subscriber Badge on Friday December 23, @01:12AM (#1283662) Journal

                  > And no one has ever done anything off-label or against-label before.

                  You've gone from alleged proof of the weapon producing biolabs to evidence-free handwaving that they went off-label on something else. It's ridiculous to continue to push this story merely because they could have done it.

      • (Score: 2) by darkfeline on Wednesday December 21, @10:05PM (1 child)

        by darkfeline (1030) on Wednesday December 21, @10:05PM (#1283518) Homepage

        I imagine most of those in the US are games and individuals/college students using expensive software like photoshop. I doubt that corporate software piracy is very high in the US (although I don't doubt that it happens).

        --
        Join the SDF Public Access UNIX System today!
        • (Score: 2) by RamiK on Thursday December 22, @03:28PM

          by RamiK (1813) on Thursday December 22, @03:28PM (#1283595)

          The move to SaaS for obviously client-side software came about from software vendors realizing companies just don't keep track of their software licenses. That is, techs simply add every piece of software the company uses to their one-disk-image-to-serve-them-all. So, whether it's actually being used or not, you can bet your ass there's plenty of corporate software piracy still going on. It's just that the software vendors that care about it end up doing telemetry or moving to SaaS and realize it was never being used, and those that don't just license for something like 1000 heads and maybe throw in some basic pinging to flag really unusual stuff.

          --
          compiling...
  • (Score: 2) by JoeMerchant on Wednesday December 21, @06:13PM

    by JoeMerchant (3937) on Wednesday December 21, @06:13PM (#1283491)

    Whatever is on there now, if they've got a back door they can install ANYTHING in the future.

    C'mon folks, this is bot-net 101, I designed one of these to run on 1200 baud acoustic modem connected PCs in 1985.

    --
    Ukraine is still not part of Russia. Glory to Ukraine 🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
  • (Score: 3, Insightful) by EEMac on Wednesday December 21, @08:14PM (2 children)

    by EEMac (6423) on Wednesday December 21, @08:14PM (#1283499)

    > Installing the malicious ISO will get you what appears to be a fully functional version of Windows 10, but the underlying code has been modified in several vital ways. For one, it doesn't send security telemetry back to Microsoft as a regular build of Windows does.

    I'm interested already.

    • (Score: 2) by gawdonblue on Wednesday December 21, @11:44PM

      by gawdonblue (412) on Wednesday December 21, @11:44PM (#1283529)

      +1 Yep

    • (Score: 2) by Username on Thursday December 22, @06:45AM

      by Username (4557) on Thursday December 22, @06:45AM (#1283570)

      Any type of activator is considered malware by virustotal.

      It's probably something like that. Or a driver updater. I'd download it and look.

  • (Score: 2) by legont on Wednesday December 21, @11:07PM

    by legont (4179) on Wednesday December 21, @11:07PM (#1283522)

    Russians mostly use - pirated and improved - Windows 7. It's called poker.

    --
    "Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
  • (Score: 2) by Rosco P. Coltrane on Thursday December 22, @12:40PM

    by Rosco P. Coltrane (4757) on Thursday December 22, @12:40PM (#1283579)

    Meaning Microsoft isn't the one using the OS as a platform to screw the user. When it's Microsoft, it's just called "Windows 10".
