Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.
posted by LaminatorX on Tuesday February 17 2015, @11:54AM   Printer-friendly
from the nothing-to-hide dept.

Dan Goodin of Ars Technica writes about a newly-discovered hacking platform recently revealed by Kaspersky.

They are labeling the operators 'Equation Group,' and multiple zero-day exploits in the malware kit appear to be related to those which were used by Stuxnet to hack Iran's Natanz nuclear facility in 2010. It is by far the most advanced malware ever discovered, going so far as to flash malicious firmware on the hard disks of no fewer than 12 vendors. Much of the malware was distributed through usual channels such as Java vulnerabilities or ad networks, but it was even found on CDs which were mailed to attendees of a conference in Houston in 2009 which were intercepted and modified to deliver the malicious payload.

The sophistication of the operations and the malware itself leave little doubt that Equation Group is is a state-sponsored organization. The scariest part of it might be that the operation is over 14 years old and unfortunately, much of the malware is yet to be reverse-engineered. Kaspersky has been reaching out to white hats for further assistance in determining the nature and capabilities of the software.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Touché) by morgauxo on Tuesday February 17 2015, @02:40PM

    by morgauxo (2082) on Tuesday February 17 2015, @02:40PM (#146121)

    "just how many realistically could be involved in this sort of activity"

    I guess that depends on where you set the bar for 'involved'. Do you work some sort of supporting roll for a government which does this? Then to a degree (perhaps very small) you are involved. Actually.. do you even have to work for them? Do you pay taxes? Do you vote? If yes to either than by some meaning of 'involved' you ARE involved!

    Have a nice day you black hatted criminal!

    Starting Score:    1  point
    Moderation   +3  
       Disagree=1, Touché=3, Total=4
    Extra 'Touché' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 2, Insightful) by Anonymous Coward on Tuesday February 17 2015, @03:25PM

    by Anonymous Coward on Tuesday February 17 2015, @03:25PM (#146150)

    Do you read SoylentNews? Then you are generating traffic and thus income for internet providers who pay taxes. I leave the conclusion as exercise to the reader.

    • (Score: 1, Redundant) by halcyon1234 on Tuesday February 17 2015, @06:39PM

      by halcyon1234 (1082) on Tuesday February 17 2015, @06:39PM (#146233)

      Do you read SoylentNews? Then you are generating traffic and thus income for internet providers who pay taxes. I leave the conclusion as exercise to the reader.

      Sorry, but I don't take orders from fucking filthy criminals like you... you SoylentNews reading shitstain.

      --
      Original Submission [thedailywtf.com]
  • (Score: 4, Insightful) by Thexalon on Tuesday February 17 2015, @04:24PM

    by Thexalon (636) on Tuesday February 17 2015, @04:24PM (#146169)

    I guess that depends on where you set the bar for 'involved'.

    I'd say, at minimum, to be involved in a crime you must:
    1. Be aware that it is happening.
    2. If you are obligated to report that it is happening, fail to do so (unless you are coerced into remaining silent e.g. by threats to your life or family).
    3. If you are not obligated to report that it is happening, take some sort of action that supports the criminal undertaking (again, unless you are coerced into that action).

    For example, I'd consider it extremely unlikely that the vast majority of people who work for the Department of Agriculture had anything to do with this crime, and thus should be held blameless for it. And those involved solely because they pay their taxes or vote are absolved either by not knowing about it (almost everybody) or being coerced into it because the IRS can take your stuff at gunpoint if you don't pay your taxes (everybody else).

    --
    Vote for Pedro
    • (Score: 3, Funny) by DECbot on Tuesday February 17 2015, @06:37PM

      by DECbot (832) on Tuesday February 17 2015, @06:37PM (#146231) Journal

      I see where this is going....

      I'd say, at minimum, to be involved in a crime you must:
      1. Be aware that it is happening.
      2. If you are obligated to report that it is happening, fail to do so (unless you are coerced into remaining silent e.g. by threats to your life or family).
      3. If you are not obligated to report that it is happening, take some sort of action that supports the criminal undertaking (again, unless you are coerced into that action).
      4. ???
      5. Profit!

      --
      cats~$ sudo chown -R us /home/base
    • (Score: 3, Insightful) by Nobuddy on Tuesday February 17 2015, @07:29PM

      by Nobuddy (1626) on Tuesday February 17 2015, @07:29PM (#146263)

      Reporting the government's criminal activity is a crime.

    • (Score: 1) by art guerrilla on Wednesday February 18 2015, @01:23AM

      by art guerrilla (3082) on Wednesday February 18 2015, @01:23AM (#146375)

      "1. Be aware that it is happening."

      uh oh, that has several bad, bad, bad results:
      1. so, as long as the eee-vil is distributed enough so that each participant has only a teeny, tiny piece of (ambiguous?) eee-vil to do, then everything is jake ? ? ? no, i don't think so...
      2. so, as long as the eee-vil is buried deep enough, covered up enough, or otherwise goes unnoticed, then we are cool ? ? ? no, i don't think so...

      also, i guess it is hardly unexpected, but the original poster who make the flippant and hyperbolic comment OBVIOUSLY not meant to be taken TECHNICALLY seriously, has spawned a bunch of 'but what about a file clerk sorting form 12Q-stroke-Z-dash-49's, are they eee-vil ? ? ?' well, i don't know, maybe form 12Q-stroke-Z-dash-49 is the form which gets you on the extra-judicial ASSASSINATION list, but they don't know that... are they still 'doing eee-vil' ? ? ? (see above)

      i think the larger point they were making (AND i feel is getting to the point of validity), is EVERYONE working in the gummint becomes guilty by association of furthering a vast kriminal enterprise (AKA Empire)... i mean, people who are nobodies in real organized crime/mafia scenarios are 'just as guilty' as those who do the actual hits, isn't that how the 'law'' treats them ? ? ? why shouldn't ALL gummint employees be subject to that same line of thinking: they are KNOWINGLY associating with a vast kriminal konspiracy, so it doesn't matter if they are delivering coffee and donuts for them, they are 'just as guilty', richtig ? ? ?