The federal government has concluded there's a new leaker exposing national security documents in the aftermath of surveillance disclosures by former NSA contractor Edward Snowden, U.S. officials tell CNN.
Proof of the newest leak comes from national security documents that formed the basis of a news story published Tuesday by the investigative website The Intercept. The site also published Snowden's leaks.
HAIL HYDRAThe CIA uses a previously unknown program, code-named Hydra, to secretly access databases maintained by foreign countries and extract data to add to the watchlists.
How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last | Ars TechnicaA long list of almost superhuman technical feats illustrate Equation Group's extraordinary skill, painstaking work, and unlimited resources. They include:
Taken together, the accomplishments led Kaspersky researchers to conclude that Equation Group is probably the most sophisticated computer attack group in the world, with technical skill and resources that rival the groups that developed Stuxnet and the Flame espionage malware.
- The use of virtual file systems, a feature also found in the highly sophisticated Regin malware. Recently published documents provided by Ed Snowden indicate that the NSA used Regin to infect the partly state-owned Belgian firm Belgacom.
- The stashing of malicious files in multiple branches of an infected computer's registry. By encrypting all malicious files and storing them in multiple branches of a computer's Windows registry, the infection was impossible to detect using antivirus software.
- Redirects that sent iPhone users to unique exploit Web pages. In addition, infected machines reporting to Equation Group command servers identified themselves as Macs, an indication that the group successfully compromised both iOS and OS X devices.
- The use of more than 300 Internet domains and 100 servers to host a sprawling command and control infrastructure.
- USB stick-based reconnaissance malware to map air-gapped networks, which are so sensitive that they aren't connected to the Internet. Both Stuxnet and the related Flame malware platform also had the ability to bridge airgaps.
- An unusual if not truly novel way of bypassing code-signing restrictions in modern versions of Windows, which require that all third-party software interfacing with the operating system kernel be digitally signed by a recognized certificate authority. To circumvent this restriction, Equation Group malware exploited a known vulnerability in an already signed driver for CloneCD to achieve kernel-level code execution.
“How do I stop this virus?” Equation Group victim pleaded for online help | Ars TechnicaCostin Raiu, director of Kaspersky Lab's global research and analysis team, told Ars the files described in the post are consistent with the Fanny infections developed by Equation Group, the name Kaspersky has given to the hacking crew.
was reading that. really interesting. thinking of doubling up the ol tinfoil on the hat though.
Upgrade your account now to disable all ads... If we had any... Which we don't right now.Upgrade now