'The Equation Group' infected HDD firmware with surveillance tools since 2001.
The irony is the Ad at the top of the page for me was "Save money on great NSA* bundles" sponsored by WD.
*typo. Read NAS.
Interesting that they think there is a link (however tenuously) back to the NSA.
Based on the WikiLeaks stuff, it does make you wonder!
Just remind yourself where Kaspersky Labs are based.....
I've heard the guys from the Tor Project, and others like Alex Jones talk about this, years ago. And now, a major security company, Kaspersky Lab, are coming out with this info. This is a big deal. What the hell do you do about this.. How are people supposed to know what is safe to buy anymore..
"Kaspersky says US spyware is baked-into many HDD firmwares"
No they bloody haven't!
They described a component of a tool that can install itself as a replacement firmware. What they did not state at any point was that this was installed on drives en masse coming from the factory. That is a vastly different thing. Hexus are the only site I have seen to imply this, and with no others (including the linked FT article) mentioning anything like it.
Stop using or keep being spied on. No other way.
Quite correct, the Kaspersky article (what I managed to read around the non-removable coupon popup that seems to infect some sites with Chrome) says:
"GReAT has been able to recover two modules which allow reprogramming of the hard drive firmware of more than a dozen of the popular HDD brands. This is perhaps the most powerful tool in the Equation group's arsenal and the first known malware capable of infecting the hard drives.
By reprogramming the hard drive firmware (i.e. rewriting the hard drive's operating system), the group achieves two purposes:"
So unless I'm reading that bit incorrectly, the malware is reprogramming the drive installed in the infected system to provide a permanent "known bad" source of the malware. The article does not say that the drives are shipping with this malware.
That said, I do tend to be slightly defensive about AV companies "bigging up" the latest threat to perhaps sell more licenses. However, in this case I can't see an obvious sales pitch. You know "drives are being reprogrammed, use our new DriveCert(tm) software to reflash your drives with known good firmware"
Colleague of mine made a good comment ... "if you think you're important enough to be spied upon by the NSA then perhaps you shouldn't own a computer or a smartphone. But then again, if you don't have PC nor smartphone then maybe that's suspicious in itself"
As said in the Shockwave Rider ... new reasons for old paranoia.
Given how factories tend to pull in a lot of short term contract staff it would be probably quite trivial to plant someone to infect final test machines. However, such an untargeted blunt move would seem rather risky for the limited usefulness of "infecting" countless DVR machines and laptops that just surf Facebook all day on the hope you might get a lucky hit. So yeah, I don't see this.
It's not a matter of if you're important enough to be spied upon, it's a matter of privacy, a matter of what you said yesterday not becoming tomorrow's taboo, a matter of what happens when such spyware inevitably finds its way into the wild.
Privacy is vital to a free society; without it people become wary to discuss anything that goes against social norms in private. Would people have questioned the laws that made Alan Turing a criminal if they had not dared to speak out against those laws, at first in private and later in public?
Maybe the hard drive is gay?
If they are "practically blind to it" how do they know it's there? How does it communicate with external agencies then? Surely they could find that channel?
Check out the Kaspersky document that the article links to. It says that the malware might be able to create a private area on the disk that is effectively a black hole to the normal utilities. Then, so I assume, the attacker will switch the firmware to allow access to that private area. Or it could be a lot simpler, if the malwarers put a trojan on a PC, then they could use corrupted disk firmware to ensure that their wiretap is reinstated if the victim spots it and removes it.
I agree with what you're saying but the "A" agencies have become very adept at using the threat of terrorists and paedophiles to argue that "a little less" privacy is necessary. As John Stuart Mill said:
"The only freedom which deserves the name, is that of pursuing our own good in our own way, so long as we do not attempt to deprive others of theirs, or impede their efforts to obtain it."
If we had truly wise leaders then they'd be able to balance the needs of protecting the populace without necessarily resorting to following the "1984" playbook. Unfortunately, I think the ease with which electronic surveillance of all types can be used has meant that it's become very attractive. Sorry for the digression.