Moscow-Based Security Firm Reveals What May Be The Biggest NSA “Backdoor Exploit” Ever

Tuesday, February 17, 2015 8:56

(Before It's News)

Zero Hedge

Since 2001, a group of hackers – dubbed the “Equation Group” by researchers from Moscow-based Kaspersky Lab – has infected computers in at least 42 countries (with Iran, Russia, Pakistan, Afghanistan, India, and Syria most infected) with what Ars Technica calls “superhuman technical feats” indicating “extraordinary skill and unlimited resources.”

The exploits – including the ‘prized technique’ of the creation of a secret storage vault that survives military-grade disk wiping and reformatting – cover every hard-drive manufacturer and have many similar characteristics to the infamous NSA-led Stuxnet virus.

According to Kaspersky, the spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on.

Disk drive firmware is viewed by spies and cybersecurity experts as the second-most valuable real estate on a PC for a hacker, second only to the BIOS code invoked automatically as a computer boots up.

“The hardware will be able to infect the computer over and over,” lead Kaspersky researcher Costin Raiu said in an interview.

Kaspersky’s reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. They include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd.

The group used a variety of means to spread other spying programs, such as by compromising jihadist websites, infecting USB sticks and CDs, and developing a self-spreading computer worm called Fanny, Kaspersky said.

Fanny was like Stuxnet in that it exploited two of the same undisclosed software flaws, known as “zero days,” which strongly suggested collaboration by the authors, Raiu said. He added that it was “quite possible” that the Equation group used Fanny to scout out targets for Stuxnet in Iran and spread the virus.

Which, as Reuters reports, strongly suggests the “extraordinary skills and unlimited resources” were funded by the NSA…

The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.

That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.
