How "Omnipotent" Hackers Tied To NSA Hid For 14 Years and Were Found At Last
Advocatus Diaboli writes: The money and time required to develop the Equation Group malware, the technological breakthroughs the operation accomplished, and the interdictions performed against targets leave little doubt that the operation was sponsored by a nation-state with nearly unlimited resources to dedicate to the project. The countries that were and weren't targeted, the ties to Stuxnet and Flame, and the Grok artifact found inside the Equation Group keylogger strongly support the theory that the NSA or a related US agency is the responsible party, but so far Kaspersky has declined to name a culprit. NSA officials didn't respond to an e-mail seeking comment for this story. What is safe to say is that the unearthing of the Equation Group is a seminal finding in the fields of computer and national security, as important as, or possibly more so than, the revelations about Stuxnet.
Us vs them (Score:5, Funny)
We hack Iran to prevent them from releasing a bomb.
NK hacks us to prevent us from also releasing a bomb, IYKWIMAITYD.
Re: (Score:2, Funny)
Is it also the first movie you've ever seen?
Re: (Score:3)
No, he's also seen Gigli, Ishtar, and Domino.
Re:Us vs them (Score:5, Funny)
Let's face it. If you're a Michael Bay fan, The Interview probably would come off as high art.
Re:He might be referring to this (Score:2)
Re:Us vs them (Score:4, Funny)
I didn't mean to upset the Michael Bay fans. I know how they all think Pearl Harbor is the highest achievement in cinema history, apart from Transformers: Revenge of the Fallen.
Re: (Score:2)
And Highlander 2.
/ No! No! There *is* no Highlander 2!
Re: (Score:2)
Re: (Score:2)
I watched it. I thought it was above average for a gross slapstick comedy.
Re: (Score:2)
The Interview is the funniest movie I've ever seen.
I'm so sorry for you.
IYKWIMAITYD (Score:2, Funny)
I had never seen this acronym before but when I seen it I automatically read it as If You Know What I Mean And I Think You Do. I am shutting down my computer now and taking a break from this internet thing.
Re: (Score:2)
Never seen it before either, and that's exactly how I read it too. Scary that he was right about knowing what you meant.
Cover locations. (Score:5, Interesting)
There is a building near Microsoft labeled "Affiliated Associations of America" which sounds shady as fuck.
Re: (Score:1)
There is a building near Microsoft labeled "Affiliated Associations of America" which sounds shady as fuck.
Yeah, they do employee health benefits, which means, honestly, they make the NSA look like the Young Pioneers.
Re:Cover locations. (Score:5, Interesting)
Welcome to the AAOA benefits website. Through a cooperative platform, we developed a benefit program to enhance the value of membership for your Membership Organization or Association. AAOA provides a turnkey member benefit solution that offers companies and their employees an opportunity to reduce the costs of doing business. Take advantage of our group purchasing power and receive full access to exclusive member discounts and pricing. Look around the site and let us know if you have any questions or would like to discuss membership. With AAOA, membership doesn't cost, it pays!
Re: (Score:1)
It's just super meta. It sounds like they're a group that helps people start associations, and then connects them to each other, associating their associations and maybe letting them group-purchase tools to manage their memberships or something?
Re:Cover locations. (Score:4, Insightful)
It's probably more a service for running associations.
Suppose you're a grocery and you would like to implement a membership card. Now you have to deal with lost cards, signups, people wanting to know how many loyalty points they have, deciding how many points to give for which purchase, what to give as a reward for points spent, etc., etc.
This type of company takes it all out of your hands, provides a pre-packaged membership club with set rewards, tiers, perks, whatever, and puts your brandname on top of the website, the loyalty card, and the brochures. The grocery probably pays a price per customer that's lower than when they would run it themselves, and the affiliate organisation has scale, so can run things cheaper while providing better service than a single company can do.
Comment removed (Score:4, Funny)
Re: (Score:1)
And if you work with SQL, you can work in that building!
http://www.glassdoor.com/Job/Affiliated-Associations-of-America-Kirkland-Jobs-EI_IE478643.0,34_IL.35,43_IC1150472.htm
Apply now!
Re: (Score:1)
Re: (Score:3)
Also, the 8 story, black glass building with the barbed wire fences and security guards labeled "Flower Shop."
interesting infection rate graphic (Score:1)
Mainly for which countries are not listed. Hmmm.
"Found" (Score:2)
Re: (Score:1)
The whole thing is just hype. Enormous time and money? Deployment aside, I could DEVELOP something like this BY MYSELF. Virtual file systems? I wrote one on Fuse on a whim, to intercept disk access calls and check against policy. Exploiting a kernel driver? Same as exploiting anything else; it's a zero-day malware. Hundreds of CNC servers? Vanilla botnet--a deployment issue. Detecting iPhones and doing weird shit? Yeah, I work in DevOps; I have a server that detects mobile phones and redirects th
Re: (Score:2)
You are under arrest. Please keep your hands off the keyboard. Do not move quickly.
We will be at your door presently.
Sincerely,
Your Government
Re: (Score:2)
However, government agencies using inside knowledge of source code to create these attack tools and then being stupid enough to use them, i.e. release them into the wild where organised crime can get hold of them, is not so new. In fact it is a totally and utterly mind-bogglingly stupid thing to do; how fucking myopically short-sighted can those fuckwits be? Governments need to bloody wake up to what is going on and create a huge level of separation between attack and defence elements of cyber security. In fact t
Re: (Score:1)
They are hiring in the desert, probably could use someone like you.
Thinking of keyloggers, (Score:3)
Re:Thinking of keyloggers, (Score:4, Interesting)
Now I wonder if tabs work in passwords on *nix, if I set my username to be pwd and my password to be cd ../../<TAB><TAB>f<TAB> how would anyone figure that out from a keylog dump?
Re: (Score:2)
Running Linux and tightening up your browser should be good enough.
Re: (Score:2)
There are drive-by downloads from ad networks which you'll catch with a standard setup.
It's all bogus (Score:1)
There's no such thing as "omnipotent" hackers, it's all a bunch of *#*$&@%$@!$#@!#{}@{}#@}#${[[
NO CARRIER
Would you like to play a game?
How is this a good thing? (Score:4, Insightful)
It is without question that, at times, the intelligence community must have overstepped its bounds, as any entity with that much power would on occasion. Maybe in their case that happens far more often than it should. But does that really mean they should have no real power at all?
Re:How is this a good thing? (Score:5, Insightful)
Re: (Score:2, Insightful)
How do you know they don't have a warrant? It seems like using md5 and sha1 hashes to ensure they are only targeting specific individuals smells like somebody with very specific instructions and stiff repercussions. Otherwise it would be easier to grab a pile of people and sort them out later.
Re: (Score:2)
The idea is that,
Re:How is this a good thing? (Score:4, Interesting)
They are the intelligence community, not our national cybersecurity consulting firm, and they only ought to be notifying the public if the risk to national security involved in leaving the vulnerability open is greater than the risk to national security involved in losing the intelligence that could be gained from it.
What you're saying is we HAVE NO national cybersecurity entity whose purpose is to protect our infrastructure from bad actors using exactly the kinds of methods and exploits we're seeing here. And given that, we have to rely on Kaspersky to do it for us. Not only is it then a good thing, it's long overdue.
Re: (Score:1)
Essentially an argument that back-doors do more good than harm: 'Cold fjord', is that you?
Like a politician, you're saying your policy solves the problems we cause. What about the harm caused by a back-door? You haven't answered the basic question about back-doors: Can China use all those back-doors too? Because back-doors are good, then China gaining intelligence must be good too. By the way, your answer doesn't count, only China's.
Most intelligence is about intellectual property. That is, the stuff
Re: (Score:2)
To address your other point: I think that, if there is evidence that industrial espionage against t
Re: (Score:2)
"what would happen if every soldier's gun had a chip that required "command approval" before any member of a squad could start firing? Sure, individual soldiers kill the wrong people, and for the wrong reasons, all the time. Hopefully, though, most of the time it is for the right reasons. "
What would happen if every computerized autonomous weapon system had a chip that required "command approval" before firing?
There's no such chip on soldiers' weapons for a twofold reason:
* There's not enough man/computer
Re:How is this a good thing? (Score:5, Insightful)
I think the intelligence community has done more harm than good more often than not.
I think American foreign policy has done more harm than good to America more often than not.
For example, look at the Iraq war. We destabilized that entire region of the middle east, and left it wide open for ISIS and other militant groups.
We supported the other "color" revolutions which also deposed effective dictators who were finally out of power after we supported them for so long. In every case the hippie revolutionaries were quickly brushed aside and replaced by really tough guys.
Same with Assad in Syria. When he loses control of a region, ISIS moves in. You notice that the U.S. has stopped calling for Assad to leave.
Re: (Score:1)
The application of force (Score:2)
I think the intelligence community has done more harm than good more often than not.
I think American foreign policy has done more harm than good to America more often than not.
Throughout history, it has been the use of power which has undermined empires, and the threat of the use of power which makes them most effective. Wars are costly and can be unpredictable; they have almost always been much more expensive than planned and almost always much less useful, except at certain very defined tasks (giving someone a temporary boost to poll numbers, uniting a country against a perceived threat, acting as a salve to respond to demand for war that leaders are afraid to turn down).
There ar
Re: (Score:2)
What our intelligence services are doing is overthrowing brutal, efficient dictators who kept their country together and replacing them with brutal, inefficient armed gangs who are tearing their country apart.
Saddam Hussein had one of the best education systems, and one of the best health care systems, in the Mideast. They had a higher ratio of female college professors than we do in the US.
Re: (Score:1)
Confirmation bias. When intelligence succeeds, you never hear about it. ULTRA, probably the most successful intelligence operation ever, was kept secret for decades. Nobody knew what it was or how it had helped.
You need to watch it talking about the color revolutions that way. Sounds like dog whistle racism to me. Just because Obama did it doesn't mean it was wrong. Nobody could have predicted this outcome.
Re: (Score:1)
The term "color revolution" has nothing to do with race. It refers to movements like the Orange Revolution in the Ukraine, the Rose Revolution in Georgia, the Purple Revolution in Iraq, the Cedar Revolution in Lebanon (not a color but it fits in the category), and the other revolutions of the Arab Spring.
What they have in common is that most of them, like the Orange Revolution, got money, strategic advice, and other support from the U.S., through the International Republican Institute and the National Democ
Re: (Score:2)
It's a good thing because I appreciate knowing what kind of country I really live in. For most of my life I thought I lived in a country that wouldn't torture people. Later I learned that the CIA not only tortures people, they ship people to other countries so they can be tortured harder. That's one of many examples of the things they don't teach you in school that should nonetheless influence how you think and vote. I want to know the ugly truth about what's going on. It probably won't make me happy,
The headline and the text say different things (Score:3)
The headline says different things than the text and the original article.
The headline says that they "were found"... but they weren't.
The headline that they are "tied to NSA"... but TFA says that "researchers stopped short of saying Equation Group was the handiwork of the NSA."
Thank you (Score:2)
Read the headline which sounded interesting but the summary sounded like a completely different story.
Revised: headline and the text say different things (Score:2)
Actually, I should modify my comment. The headline does say a different thing from the summary, but the actual article does in fact go on to give some reasonable evidence connecting the group to the NSA. So, "tied to NSA" is an accurate summary, although with the caveat that "tied to" are words that "stop short" of saying that it actually is the NSA.
Re: (Score:3)
The headline that they are "tied to NSA"... but TFA says that "researchers stopped short of saying Equation Group was the handiwork of the NSA."
In fairness, by 'stopped short' they mean that the Kaspersky guys essentially said, 'We're not saying it's the NSA - we just can't imagine anyone else on the face of the earth who has the resources necessary to do this kind of thing.' So yes, the report was released with a nod in the direction of the NSA.
Re: (Score:2)
The headline that they are "tied to NSA"... but TFA says that "researchers stopped short of saying Equation Group was the handiwork of the NSA."
That's a clever turn of phrase. Kaspersky pointedly calls them out as NSA, but doesn't explicitly say "this is a group at NSA".
Re: (Score:2)
The headline says different things than the text and the original article.
The headline says that they "were found"... but they weren't.
The headline that they are "tied to NSA"... but TFA says that "researchers stopped short of saying Equation Group was the handiwork of the NSA."
Tell me something, when you find a hack of this magnitude, how quickly are you going to be willing to jump up and down screaming "they did it! they did it!"?
"stopped short" is politically correct speak for we-know-who-not-to-fuck-with.
Oh, by the way (Score:1)
Re: (Score:2, Informative)
RTFA. They point out that they don't have an example of actual Mac infections (they only have two for Windows over the last 15 years), but that they get regular communication from infected machines identifying as Mac OS. Kaspersky makes it clear that they believe Macs are also compromised as a result. Nothing is mentioned about Linux, but I'd be surprised if they don't have access there as well.
The NSA hides surveillance software in hard drives (Score:5, Informative)
Re: (Score:1)
What's scary is they aren't just hiding in the hard drives. They are actually rewriting the firmware of those drives, and carving out invisible partitions that can't get formatted.
Is the US gov't (Score:2)
Re: (Score:1)
Yes, they'll make us all use Comcast. Explains the merger.
Infected machines reporting to Equation Group? (Score:2)
What vectors did the malware exploit to load-and-execute on the targeted Windows, iOS and OS X devices? Please provide samples of the disassembled code.
Unregistered (Score:2)
Running MD5sum on Unregistered (with no carriage return) produces the hash 84b8026b3f5e6dcfb29e82e0b0b0f386
The article used a lower-case u in unregistered, which produces a different hash.
Still no luck on figuring out e6d290a03b70cfa5d4451da444bdea39
My email address doesn't hash to it, so I guess I'm not being singled out.
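The check the poster describes, as an added example that is not part of the post or the article: hash candidate strings with MD5 and SHA-1 and compare them against published hash-based selectors, trying the variants that usually explain a "no match" (letter case, and the trailing newline that `echo` without `-n` or a text editor appends). The two hex values are the ones quoted in the post above; the function and variable names, and the candidate list, are assumptions made for this example. Only the digest of the exact bytes is compared, so a selector that hashes a differently encoded identifier will still not match, which is the point the poster is making.

```python
import hashlib

# Hashes quoted in the Slashdot post above; the first is the one the poster
# reports as MD5 of "Unregistered", the second is the one nobody has matched.
# Neither claim is re-verified here.
TARGET_HASHES = {
    "84b8026b3f5e6dcfb29e82e0b0b0f386",
    "e6d290a03b70cfa5d4451da444bdea39",
}


def digest_hex(data: bytes, algorithm: str) -> str:
    """Lower-case hex digest of raw bytes (md5 / sha1 as used by the selectors)."""
    return hashlib.new(algorithm, data).hexdigest()


def variants(candidate: str):
    """Yield (label, raw_bytes) for the encodings a careless pipeline produces.

    Covers the letter-case and trailing-newline mistakes the poster ran into:
    a lower-case first letter, or `echo foo | md5sum` adding "\\n".
    """
    seen = set()
    for s in (candidate, candidate.lower(), candidate.upper(), candidate.capitalize()):
        for raw in (s.encode("utf-8"), (s + "\n").encode("utf-8"), (s + "\r\n").encode("utf-8")):
            if raw in seen:
                continue  # e.g. capitalize() often equals the original string
            seen.add(raw)
            yield repr(raw.decode("utf-8")), raw


def match_candidates(candidates, targets, algorithms=("md5", "sha1")):
    """Return [(label, algorithm, hexdigest)] for every variant whose digest is in targets."""
    wanted = {t.lower() for t in targets}  # selectors may be published upper-case
    hits = []
    for cand in candidates:
        for label, raw in variants(cand):
            for alg in algorithms:
                h = digest_hex(raw, alg)
                if h in wanted:
                    hits.append((label, alg, h))
    return hits


if __name__ == "__main__":
    # Constructed candidate list: the string from the article plus obvious variants.
    candidates = ["Unregistered", "unregistered"]
    for label, alg, h in match_candidates(candidates, TARGET_HASHES):
        print(f"{label} hashed with {alg} matches {h}")
    print("done; unmatched selectors stay unmatched rather than being guessed at")
```

Running it prints one line per (variant, algorithm) pair that matches a published selector and nothing for the rest; if the poster's claim about "Unregistered" is right, exactly one line appears. Adding your own identifiers to `candidates` is the defensive use: confirming whether a hash-based selector from a report names something of yours.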
Re: (Score:2)
Stupidity (Score:2)
These Guys Are Fucking Geniuses (Score:4, Interesting)
You can hate the NSA all you want, but I have to tip my cap at their utter genius.
Beyond the technical similarities to the Stuxnet and Flame developers, Equation Group boasted the type of extraordinary engineering skill people have come to expect from a spy organization sponsored by the world's wealthiest nation. One of the Equation Group's malware platforms, for instance, rewrote the hard-drive firmware of infected computers—a never-before-seen engineering marvel that worked on 12 drive categories from manufacturers including Western Digital, Maxtor, Samsung, IBM, Micron, Toshiba, and Seagate.
The malicious firmware created a secret storage vault that survived military-grade disk wiping and reformatting, making sensitive data stolen from victims available even after reformatting the drive and reinstalling the operating system. The firmware also provided programming interfaces that other code in Equation Group's sprawling malware library could access. Once a hard drive was compromised, the infection was impossible to detect or remove.
Thank you, NSA (Score:2)
Thank you, National Security Agency, for doing such a truly brilliant job of damaging future prospects for the American computer hardware industry. Smart move to leave the torture to the CIA; no reason for geeks to get their hands dirty. You, along with the CIA, daily provide the rest of the world with evidence of how deeply, incredibly stupid supposedly smart people can be when they don't mix with grown-ups. Congratulations!
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Often, I'm told.
Re: (Score:2)
is such that certain crimes are so grave that they transcend the realm of due process and require summary execution.
The whole point of due process is to ensure that yes, this is indeed the guilty party to be punished. Historically, the witch hunt was one popular alternative.