[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

British leftist student tells Charlie Kirk facts are unfair

The 2 Billion View Video: Charlie Kirk's Most Viewed Clips of 2024

Antifa is now officially a terrorist organization.

The Greatness of Charlie Kirk: An Eyewitness Account of His Life and Martyrdom

Charlie Kirk Takes on Army of Libs at California's UCR

DR. ALVEDA KING: REST IN PEACE CHARLIE KIRK

Steven Bonnell wants to murder Americans he disagrees with

What the fagots LGBTQ really means

I watched Charlie Kirk get assassinated. This is my experience.

Elon Musk Delivers Stunning Remarks At Historic UK March (Tommy Robinson)

"Transcript: Mrs. Erika Kirk Delivers Public Address: ‘His Movement Will Go On’"

"Victor Davis Hanson to Newsmax: Kirk Slaying Crosses Rubicon"

Rest In Peace Charlie Kirk

Charlotte train murder: Graphic video captures random fatal stabbing of young Ukrainian refugee

Berlin in July 1945 - Probably the best restored film material you'll watch from that time!

Ok this is Funny

Walking Through 1980s Los Angeles: The City That Reinvented Cool

THE ZOMBIES OF AMERICA

THE OLDEST PHOTOS OF NEW YORK YOU'VE NEVER SEEN

John Rich – Calling Out P. Diddy, TVA Scandal, and Joel Osteen | SRS #232

Capablanca Teaches Us The ONLY Chess Opening You'll Ever Need

"How Bruce Springsteen Fooled America"

How ancient Rome was excavated in Italy in the 1920s. Unique rare videos and photos.

Reagan JOKE On The Homeless

The Deleted Wisdom (1776 Report)

Sicko Transfaggots video

The Englund Gambit Checkmate

20 Minutes Of Black DC Residents Supporting Trump's Federal Takeover!

"Virginia Public Schools Deserve This Reckoning"

"'Pack the Bags, We're Going on a Guilt Trip'—the Secret to the Democrats' Success"

"Washington, D.C., Is a Disgrace"

"Trump Orders New 'Highly Accurate' Census Excluding Illegals"

what a freakin' insane asylum

Sorry, CNN, We're Not Going to Stop Talking About the Russian Collusion Hoax

"No Autopsy Can Restore the Democratic Party’s Viability"

RIP Ozzy

"Trump floats 'restriction' for Commanders if they fail to ditch nickname in favor of Redskins return"

"Virginia Governor’s Race Heats Up As Republican Winsome Sears Does a Hard Reboot of Her Campaign"

"We Hate Communism!!"

"Mamdani and the Democratic Schism"

"The 2nd Impeachment: Trump’s Popularity Still Scares Them to Death"

"President Badass"

"Jasmine Crockett's Train Wreck Interview Was a Disaster"

"How Israel Used Spies, Smuggled Drones and AI to Stun and Hobble Iran"

There hasn’T been ... a single updaTe To This siTe --- since I joined.

"This Is Not What Authoritarianism Looks Like"

America Erupts… ICE Raids Takeover The Streets

AC/DC- Riff Raff + Go Down [VH1 Uncut, July 5, 1996]

Why is Peter Schiff calling Bitcoin a ‘giant cult’ and how does this impact market sentiment?

Esso Your Butt Buddy Horseshit jacks off to that shit


Status: Not Logged In; Sign In

Computers-Hacking
See other Computers-Hacking Articles

Title: New smoking gun further ties NSA to omnipotent “Equation Group” hackers
Source: Ars Technica
URL Source: http://arstechnica.com/security/201 ... potent-equation-group-hackers/
Published: Mar 11, 2015
Author: Dan Goodin
Post Date: 2015-03-11 12:05:00 by Tooconservative
Keywords: malware, NSA
Views: 544

New smoking gun further ties NSA to omnipotent “Equation Group” hackers
What are the chances unrelated state-sponsored projects were both named "BACKSNARF"?

Researchers from Moscow-based Kaspersky Lab have uncovered more evidence tying the US National Security Agency to a nearly omnipotent group of hackers who operated undetected for at least 14 years.

The Kaspersky researchers once again stopped short of saying the hacking collective they dubbed Equation Group was the handiwork of the NSA, saying only that the operation had to have been sponsored by a nation-state with nearly unlimited resources to dedicate to the project. Still, they heaped new findings on top of a mountain of existing evidence that already strongly implicated the spy agency. The strongest new tie to the NSA was the string "BACKSNARF_AB25" discovered only a few days ago embedded in a newly found sample of the Equation Group espionage platform dubbed "EquationDrug." "BACKSNARF," according to page 19 of this undated NSA presentation, was the name of a project tied to the NSA's Tailored Access Operations.

"BACKSNARF" joins a host of other programming "artifacts" that tied Equation Group malware to the NSA. They include "Grok," "STRAITACID," and "STRAITSHOOTER." Just as jewel thieves take pains to prevent their fingerprints from being found at their crime scenes, malware developers endeavor to scrub usernames, computer IDs, and other text clues from the code they produce. While the presence of the "BACKSNARF" artifact isn't conclusive proof it was part of the NSA project by that name, the chances that there were two unrelated projects with nation-state funding seems infinitesimally small.

The code word is included in a report Kaspersky published Wednesday detailing new technical details uncovered about Equation Group. Among other new data included in the report, the timestamps stored inside the Equation Group malware showed that members overwhelmingly worked Monday through Friday and almost never on Saturdays or Sundays. The hours in the timestamps appeared to show members working regular work days, an indication they were part of an organized software development team. Assuming they worked a regular 8 to 5 workday, the timestamps show the employees were likely in the UTC-3 or UTC-4 time zone, a finding that would be consistent with people working in the Eastern part of the US. The Kaspersky report discounted the possibility the timestamps were intentionally manipulated, since the years listed in various executable files appeared to match the availability of computer platforms the files ran on.

Previously found evidence suggesting a possible connection to the NSA included the Equation Group's aptitude for conducting interdictions that in 2009 placed highly advanced malware on a CD-ROM sent to a prestigious researcher who attended a scientific conference. That interdiction was similar to an NSA-sponsored one detailed in documents leaked by former NSA subcontractor Edward Snowden that installed covert implant firmware on a Cisco Systems router as it was being shipped to its unwitting customer. Still other ties included zero-day vulnerabilities shared between Equation Group malware and the NSA-led Stuxnet worm that sabotaged Iranian uranium enrichment efforts in 2009 or so. The countries that were and were not targeted are also consistent with Equation Group being a US-sponsored project.

Most of the new details included in Tuesday's report will be of interest only to hard-core researchers. Still, they only bolster previous findings that Equation Group was hands down the world's most advanced hacking operation ever to come to light. Whereas before the sprawling Equation Drug platform was known to support 35 different modules, Kaspersky has recently unearthed evidence there are 115 separate plugins. The architecture resembles a mini operating system with kernel- and user-mode components alike. Readers can expect more revelations to come as researchers continue to analyze new samples and further examine the malware that has already come to light.


Poster Comment:

Well, well, well. Those nice Russian fellows at Kaspersky are helping us learn more about NSA's hidden partnerships. We should write Vlad a thank-you note. (1 image)

Post Comment   Private Reply   Ignore Thread  


[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

Please report web page problems, questions and comments to webmaster@libertysflame.com