|
|
|
Thread Tools | Display Modes |
|
03-25-2014, 11:23 PM | Topic Starter |
Immanentize The Eschaton
Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $885880
|
Sophisticated malware discovered after 7 years, likely created by a nation-state
Security firm Kaspersky Labs recently released a research paper that uncovers the existence of a piece of highly complex malware that's been in circulation for almost seven years. It's called "The Mask," which is a rough English translation of Careto, a Spanish word for "ugly face" that was found in the malware's code. Aimed at high-level targets such as government institutions, embassies and large energy corporations, Kaspersky says "The Mask" has already claimed nearly 380 unique victims (with more than 1,000 IPs) in 31 countries that include China, France, Germany, the UK and the US. Kaspersky first spotted it in a spear phishing email campaign that entices the recipient over to malicious websites disguised as news sites like The Guardian and the Washington Post. Kaspersky reports that the malware is extremely sophisticated, with a set of tools that include a rootkit, a bootkit, versions that'll affect 32- and 64-bit Windows, Mac OS X, Linux and possibly even mobile operating systems like Android and iOS. Once it gets its hooks into your system, it can be used to hijack all your communication channels and snatch everything from Skype conversations to sensitive encryption keys. It's also very difficult to detect. Due to the level of finesse found in the malware, Kaspersky concludes that "The Mask" was very likely created by a nation-state, much like Stuxnet and Duqu. As to which nation-state that is, the security firm doesn't know, but says it's probably one that is Spanish-speaking based on the code's language. Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered. http://www.securelist.com/en/downloa...emask_v1.0.pdf |
Posts: 56,226
|
03-26-2014, 08:35 AM | #2 |
'Tis my eye!
Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10259900
|
I'm not clicking on that link.
|
Posts: 100,030
|
03-26-2014, 10:19 AM | #3 |
Keep doubting J MFing Houston
Join Date: May 2007
Location: ft.lauderdale
Casino cash: $4448036
|
|
Posts: 21,429
|
03-26-2014, 10:25 AM | #4 |
The 23rd Pillar
Join Date: Sep 2002
Casino cash: $10019237
|
__________________
“Boy, you all want power. God, I hope you never get it.” - Lindsay Graham |
Posts: 110,871
|
03-26-2014, 11:37 AM | #5 |
Veteran
Join Date: Apr 2012
Casino cash: $9995865
|
us govt opened up pandora's box by weaponizing the internet. Now its a free for all.
|
Posts: 2,174
|
03-26-2014, 11:39 AM | #6 |
The 23rd Pillar
Join Date: Sep 2002
Casino cash: $10019237
|
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
__________________
“Boy, you all want power. God, I hope you never get it.” - Lindsay Graham |
Posts: 110,871
|
03-26-2014, 11:51 AM | #7 |
Immanentize The Eschaton
Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $885880
|
Pretty much.
|
Posts: 56,226
|
03-26-2014, 07:14 PM | #8 | |
Veteran
Join Date: Apr 2012
Casino cash: $9995865
|
Quote:
1. The US declared cyberattacks an act of war. 2. US undermined this position with the Stuxnet and Flame virus. 3. Instead of working to make US interests more secure, the US government has worked to cripple and backdoor hardware and software. This makes US companies and infrastructure more vulnerable to attack. 4. US finds and gather 0-day exploits and vulnerabilities for offensive attacks, but fail to tell US companies so that they may fix their vulnerabilities....once again making them more vulnerable to attack. America has been so busy with offensive capabilities and an cybe offensive arms race that they have neglected defense. |
|
Posts: 2,174
|
03-26-2014, 05:07 PM | #9 |
Veteran
Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $9995610
|
|
Posts: 2,367
|
03-26-2014, 05:09 PM | #10 | |
'Tis my eye!
Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10259900
|
Quote:
Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered. |
|
Posts: 100,030
|
03-26-2014, 05:12 PM | #11 |
Veteran
Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $9995610
|
Mandiant did the same thing last year. Likely a case of the marketing department not understanding the business or their audience.
|
Posts: 2,367
|
03-26-2014, 07:55 PM | #12 | |
Veteran
Join Date: Apr 2012
Casino cash: $9995865
|
Stuxnet will come back to Haunt us
Quote:
Last edited by planetdoc; 03-26-2014 at 08:01 PM.. |
|
Posts: 2,174
|
03-27-2014, 08:21 AM | #13 |
In BB I trust
Join Date: May 2003
Location: Boston, Mass.
Casino cash: $10029808
|
Stunningly naive, in my view, to think that other countries wouldn't use cyberweapons if the US hadn't done it first.
I also don't understand why/how the NSA controls whether privately developed software has backdoors, etc. I doubt Microsoft etc. would be very receptive to the NSA approaching them to do that.
__________________
"I love signature blocks on the Internet. I get to put whatever the hell I want in quotes, pick a pretend author, and bang, it's like he really said it." George Washington |
Posts: 43,125
|
03-27-2014, 08:33 AM | #14 | |
'Tis my eye!
Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10259900
|
Quote:
One of the few that doesn't cooperate is Google (largely because they have world domination goals of their own that they don't want to share) and the government straight up went after them. |
|
Posts: 100,030
|
03-27-2014, 08:46 AM | #15 | |||||
Veteran
Join Date: Apr 2012
Casino cash: $9995865
|
Quote:
Quote:
Quote:
Quote:
Quote:
Last edited by planetdoc; 03-27-2014 at 09:00 AM.. |
|||||
Posts: 2,174
|
|
|