NSA Backdoor SPYWARE on Hard Disks

Rusli Posts: 997 Adventurer

Read the details here:- (None of these is a gimmick. It's based on facts!)

 

https://www.f-secure.com/weblog/archives/00002791.html

 

others:-

https://www.f-secure.com/weblog/archives/00002790.html

 

Sources:-

 

http://www.theregister.co.uk/2015/02/17/kaspersky_labs_equation_group/

 

http://www.reuters.com/article/2015/02/16/us-usa-cyberspying-idUSKBN0LK1QV20150216

 

https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/

 

https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf

 

http://www.theregister.co.uk/2015/02/11/air_gap_feature/

 

Other trojans used in the prolonged and widespread attacks were dubbed Equationlaser; Equationdrug; Doublefantasy; Triplefantasy, and Grayfish.

It detailed the trojans in a document:

  • EQUATIONDRUG – A very complex attack platform used by the group on its victims. It supports a module plugin system, which can be dynamically uploaded and unloaded by the attackers.
  • DOUBLEFANTASY – A validator-style Trojan, designed to confirm the target is the intended one. If the target is confirmed, they get upgraded to a more sophisticated platform such as EQUATIONDRUG or GRAYFISH.
  • EQUESTRE – Same as EQUATIONDRUG.
  • TRIPLEFANTASY – Full-featured backdoor sometimes used in tandem with GRAYFISH. Looks like an upgrade of DOUBLEFANTASY, and is possibly a more recent validator-style plugin.
  • GRAYFISH – The most sophisticated attack platform from the EQUATION Group. It resides completely in the registry, relying on a bootkit to gain execution at OS startup.
  • FANNY – A computer worm created in 2008 and used to gather information about targets in the Middle East and Asia. Some victims appear to have been upgraded first to DoubleFantasy, and then to the EQUATIONDRUG system.
    Fanny used exploits for two zero-day vulnerabilities which were later discovered with Stuxnet.
  • EQUATIONLASER – An early implant from the EQUATION group, used around 2001-2004. Compatible with Windows 95/98, and created sometime between DOUBLEFANTASY and EQUATIONDRUG.

http://www.theinquirer.net/inquirer/news/2395638/kaspersky-fingers-nsa-style-equation-group-for-hard-drive-backdoor-epidemic

This discussion has been closed.