All of you knew that it could only get worse:
Kaspersky malware probers have uncovered a new 'operating system-like' platform that [they claim] was developed and used by the National Security Agency (NSA) in its Equation spying arsenal. The EquationDrug or Equestre platform is used to deploy [an estimated] 116 plug-in modules to target computers that can siphon data and spy on victims. So far, only 30 modules have been identified.
"It's important to note that EquationDrug is not just a trojan, but a full espionage platform, which includes a framework for conducting cyber-espionage activities by deploying specific modules on the machines of selected victims," Kaspersky researchers say in a report.
The article goes on to explain that Kaspersky further believes that the software is part of the "NSA's campaign to infect hard disk firmware". There is considerably more detail in the article.
I think I am going to get my old manual typewriter out of the garage, get a new ribbon, use U.S. Mail instead of e-mail, and buy more ink for my fountain pens.
(Score: 3, Interesting) by wantkitteh on Tuesday March 17 2015, @03:07AM
You misunderstand on a few levels here. Firstly, the firmware alters the reported geometry of the drive, portioning off a piece of the drive that no OS will even know exists. Without repairing the drive's firmware, it cannot be cleaned up under any circumstances because the drive doesn't even let on that this storage area even exists any more. Secondly, this is not an active attack vector - it's a secondary tool for creating persistent storage that will survive a nuke and pave, will never be subjected to inspection by any AV or security systems, and will only be accessed by other segments of the malware family.
Imagine - every username and password combination ever entered on your laptop is squirreled away by this malware. Your admin does a nuke & pave prior to deploying a new OS image, oblivious to the fact the image is already compromised. The malware checks and finds this hidden storage area and already knows who the laptop is used by, what your username and password are, where you like to go for breakfast, what the last thing you bought from Amazon was...