Home Discord Chat
Go Back   ChiefsPlanet > Nzoner's Game Room > Media Center

Reply
 
Thread Tools Display Modes
Old 03-25-2014, 11:23 PM   Topic Starter
listopencil listopencil is offline
Immanentize The Eschaton
 
listopencil's Avatar
 
Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $2625880
Sophisticated malware discovered after 7 years, likely created by a nation-state




Security firm Kaspersky Labs recently released a research paper that uncovers the existence of a piece of highly complex malware that's been in circulation for almost seven years. It's called "The Mask," which is a rough English translation of Careto, a Spanish word for "ugly face" that was found in the malware's code. Aimed at high-level targets such as government institutions, embassies and large energy corporations, Kaspersky says "The Mask" has already claimed nearly 380 unique victims (with more than 1,000 IPs) in 31 countries that include China, France, Germany, the UK and the US. Kaspersky first spotted it in a spear phishing email campaign that entices the recipient over to malicious websites disguised as news sites like The Guardian and the Washington Post.

Kaspersky reports that the malware is extremely sophisticated, with a set of tools that include a rootkit, a bootkit, versions that'll affect 32- and 64-bit Windows, Mac OS X, Linux and possibly even mobile operating systems like Android and iOS. Once it gets its hooks into your system, it can be used to hijack all your communication channels and snatch everything from Skype conversations to sensitive encryption keys. It's also very difficult to detect. Due to the level of finesse found in the malware, Kaspersky concludes that "The Mask" was very likely created by a nation-state, much like Stuxnet and Duqu. As to which nation-state that is, the security firm doesn't know, but says it's probably one that is Spanish-speaking based on the code's language. Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered.


http://www.securelist.com/en/downloa...emask_v1.0.pdf
Posts: 55,713
listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 08:35 AM   #2
htismaqe htismaqe is offline
'Tis my eye!
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10269900
I'm not clicking on that link.
Posts: 100,022
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 10:19 AM   #3
beach tribe beach tribe is offline
Keep doubting J MFing Houston
 
beach tribe's Avatar
 

Join Date: May 2007
Location: ft.lauderdale
Casino cash: $4878036
Quote:
Originally Posted by htismaqe View Post
I'm not clicking on that link.
My thoughts exactly.
Posts: 21,429
beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.beach tribe is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 10:25 AM   #4
patteeu patteeu is offline
The 23rd Pillar
 
patteeu's Avatar
 

Join Date: Sep 2002
Casino cash: $10019237
Quote:
Originally Posted by htismaqe View Post
I'm not clicking on that link.
__________________


“Boy, you all want power. God, I hope you never get it.” - Lindsay Graham
Posts: 110,871
patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 11:37 AM   #5
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $9995865
us govt opened up pandora's box by weaponizing the internet. Now its a free for all.
Posts: 2,174
planetdoc has disabled reputation
    Reply With Quote
Old 03-26-2014, 11:39 AM   #6
patteeu patteeu is offline
The 23rd Pillar
 
patteeu's Avatar
 

Join Date: Sep 2002
Casino cash: $10019237
Quote:
Originally Posted by planetdoc View Post
us govt opened up pandora's box by weaponizing the internet. Now its a free for all.
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
__________________


“Boy, you all want power. God, I hope you never get it.” - Lindsay Graham
Posts: 110,871
patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 11:51 AM   #7
listopencil listopencil is offline
Immanentize The Eschaton
 
listopencil's Avatar
 

Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $2625880
Quote:
Originally Posted by patteeu View Post
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
Pretty much.
__________________
Everything the State says is a lie, and everything it has...it has stolen.

Posts: 55,713
listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 07:14 PM   #8
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $9995865
Quote:
Originally Posted by patteeu View Post
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
nope. you dont have to use those offensive capabilities like the US did with stuxnet. Its like saying that since the US has nuclear weapons than they should go ahead and use it.

1. The US declared cyberattacks an act of war.

2. US undermined this position with the Stuxnet and Flame virus.

3. Instead of working to make US interests more secure, the US government has worked to cripple and backdoor hardware and software. This makes US companies and infrastructure more vulnerable to attack.

4. US finds and gather 0-day exploits and vulnerabilities for offensive attacks, but fail to tell US companies so that they may fix their vulnerabilities....once again making them more vulnerable to attack.

America has been so busy with offensive capabilities and an cybe offensive arms race that they have neglected defense.
Posts: 2,174
planetdoc has disabled reputation
    Reply With Quote
Old 03-26-2014, 05:07 PM   #9
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $10005610
Quote:
Originally Posted by htismaqe View Post
I'm not clicking on that link.
Seriously. How about a plain text file? Or a Word document for that matter. Just don't choose the same file format that the tool likely used in the spear phishing attacks to begin with.
Posts: 2,367
DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
    Reply With Quote
Old 03-26-2014, 05:09 PM   #10
htismaqe htismaqe is offline
'Tis my eye!
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10269900
Quote:
Originally Posted by DaveNull View Post
Seriously. How about a plain text file? Or a Word document for that matter. Just don't choose the same file format that the tool likely used in the spear phishing attacks to begin with.
How about not ending the article with:

Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered.
Posts: 100,022
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
    Reply With Quote
Old 03-26-2014, 05:12 PM   #11
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $10005610
Mandiant did the same thing last year. Likely a case of the marketing department not understanding the business or their audience.
Posts: 2,367
DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.DaveNull Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
    Reply With Quote
Old 03-26-2014, 07:55 PM   #12
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $9995865
Stuxnet will come back to Haunt us

Quote:
THE decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush’s presidency marked a significant and dangerous turning point in the gradual militarization of the Internet. Washington has begun to cross the Rubicon. If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory.

It is one thing to write viruses and lock them away safely for future use should circumstances dictate it. It is quite another to deploy them in peacetime. Stuxnet has effectively fired the starting gun in a new arms race that is very likely to lead to the spread of similar and still more powerful offensive cyberweaponry across the Internet. Unlike nuclear or chemical weapons, however, countries are developing cyberweapons outside any regulatory framework.

There is no international treaty or agreement restricting the use of cyberweapons, which can do anything from controlling an individual laptop to disrupting an entire country’s critical telecommunications or banking infrastructure. It is in the United States’ interest to push for one before the monster it has unleashed comes home to roost.

Stuxnet was originally deployed with the specific aim of infecting the Natanz uranium enrichment facility in Iran. This required sneaking a memory stick into the plant to introduce the virus to its private and secure “offline” network. But despite Natanz’s isolation, Stuxnet somehow escaped into the cyberwild, eventually affecting hundreds of thousands of systems worldwide.

This is one of the frightening dangers of an uncontrolled arms race in cyberspace; once released, virus developers generally lose control of their inventions, which will inevitably seek out and attack the networks of innocent parties. Moreover, all countries that possess an offensive cyber capability will be tempted to use it now that the first shot has been fired.

Until recent revelations by The New York Times’s David E. Sanger, there was no definitive proof that America was behind Stuxnet. Now computer security experts have found a clear link between its creators and a newly discovered virus called Flame, which transforms infected computers into multipurpose espionage tools and has infected machines across the Middle East.

The United States has long been a commendable leader in combating the spread of malicious computer code, known as malware, that pranksters, criminals, intelligence services and terrorist organizations have been using to further their own ends. But by introducing such pernicious viruses as Stuxnet and Flame, America has severely undermined its moral and political credibility.

Flame circulated on the Web for at least four years and evaded detection by the big antivirus operators like McAfee, Symantec, Kaspersky Labs and F-Secure — companies that are vital to ensuring that law-abiding consumers can go about their business on the Web unmolested by the army of malware writers, who release nasty computer code onto the Internet to steal our money, data, intellectual property or identities. But senior industry figures have now expressed deep worries about the state-sponsored release of the most potent malware ever seen.

During the cold war, countries’ chief assets were missiles with nuclear warheads. Generally their number and location was common knowledge, as was the damage they could inflict and how long it would take them to inflict it.

Advanced cyberwar is different: a country’s assets lie as much in the weaknesses of enemy computer defenses as in the power of the weapons it possesses. So in order to assess one’s own capability, there is a strong temptation to penetrate the enemy’s systems before a conflict erupts. It is no good trying to hit them once hostilities have broken out; they will be prepared and there’s a risk that they already will have infected your systems. Once the logic of cyberwarfare takes hold, it is worryingly pre-emptive and can lead to the uncontrolled spread of malware.

Until now, America has been reluctant to discuss regulation of the Internet with Russia and China. Washington believes any moves toward a treaty might undermine its presumed superiority in the field of cyberweaponry and robotics. And it fears that Moscow and Beijing would exploit a global regulation of military activity on the Web, in order to justify and further strengthen the powerful tools they already use to restrict their citizens’ freedom on the Net. The United States must now consider entering into discussions, anathema though they may be, with the world’s major powers about the rules governing the Internet as a military domain.

Any agreement should regulate only military uses of the Internet and should specifically avoid any clauses that might affect private or commercial use of the Web. Nobody can halt the worldwide rush to create cyberweapons, but a treaty could prevent their deployment in peacetime and allow for a collective response to countries or organizations that violate it.

Technical superiority is not written in stone, and the United States is arguably more dependent on networked computer systems than any other country in the world. Washington must halt the spiral toward an arms race, which, in the long term, it is not guaranteed to win.
an old saying applies here, "those who live in glass houses shouldnt throw stones." Stuxnet and Flame were big stones.

Last edited by planetdoc; 03-26-2014 at 08:01 PM..
Posts: 2,174
planetdoc has disabled reputation
    Reply With Quote
Old 03-27-2014, 08:21 AM   #13
Amnorix Amnorix is offline
In BB I trust
 
Amnorix's Avatar
 

Join Date: May 2003
Location: Boston, Mass.
Casino cash: $10029808
Stunningly naive, in my view, to think that other countries wouldn't use cyberweapons if the US hadn't done it first.

I also don't understand why/how the NSA controls whether privately developed software has backdoors, etc. I doubt Microsoft etc. would be very receptive to the NSA approaching them to do that.
__________________
"I love signature blocks on the Internet. I get to put whatever the hell I want in quotes, pick a pretend author, and bang, it's like he really said it." George Washington
Posts: 43,125
Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.Amnorix is obviously part of the inner Circle.
    Reply With Quote
Old 03-27-2014, 08:33 AM   #14
htismaqe htismaqe is offline
'Tis my eye!
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10269900
Quote:
Originally Posted by Amnorix View Post
I also don't understand why/how the NSA controls whether privately developed software has backdoors, etc. I doubt Microsoft etc. would be very receptive to the NSA approaching them to do that.
The government has all kinds of handshake agreements in this arena. Microsoft is as complicit as any company.

One of the few that doesn't cooperate is Google (largely because they have world domination goals of their own that they don't want to share) and the government straight up went after them.
Posts: 100,022
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
    Reply With Quote
Old 03-27-2014, 08:46 AM   #15
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $9995865
Quote:
Originally Posted by Amnorix View Post
Stunningly naive, in my view, to think that other countries wouldn't use cyberweapons if the US hadn't done it first.
once again, one can substitute the word "nuclear" for "cyber." The previous deterent was that would be considered an "act of war."

Quote:
Originally Posted by Amnorix View Post
I also don't understand why/how the NSA controls whether privately developed software has backdoors, etc.
an example would be the NSA paying RSA to implement (and make default) the weakened random number generator Dual EC BRG.

Quote:
Originally Posted by Amnorix View Post
I doubt Microsoft etc. would be very receptive to the NSA approaching them to do that.
http://www.bloomberg.com/news/2013-0...-of-firms.html
Quote:
Originally Posted by article
Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.

Redmond, Washington-based Microsoft and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn’t ask and can’t be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.
http://www.theguardian.com/world/201...tion-user-data
Quote:
Originally Posted by article
Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption, according to top-secret documents obtained by the Guardian.
There has also been speculation that NSA paid microsoft to backdoor skype. Prior to MS purchase of skype in 2011 for $8.5 billion, skype used a decentralized "p2p" system. After MS purchase it became centralized, and its ability to comply with PRISM tripled.

Last edited by planetdoc; 03-27-2014 at 09:00 AM..
Posts: 2,174
planetdoc has disabled reputation
    Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 01:23 AM.


This is a test for a client's site.
Fort Worth Texas Process Servers
Covering Arlington, Fort Worth, Grand Prairie and surrounding communities.
Tarrant County, Texas and Johnson County, Texas.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.