Over the weekend, it was reported that the NSA was scrambling to get ready for a new “leak” about their operations, which was uncovered by a “non-US” cybersecurity company. Today, Russian-based Kaspersky Labs unveiled a huge cache of information about a cybercriminal gang they are calling “Equation,” and which appears to be tightly connected to the NSA itself.
Kaspersky Labs released a 44-page report on Equation (pdf), which describes the group’s suite of malware, used to steal information from industries, corporations, governments, and even some individuals, as the most advanced on the planet.
Indeed, Equation’s malware is so successful and so hard to detect that Kaspersky believes the group has been in existence since 2001, or possibly as far back as 1996, and researchers are only now getting a glimpse into its existence.
Equation’s suite is said to be extremely modular, with initial Trojans being installed simply to see if the targeted computer’s user might be of interest, and if so depositing payloads of highly advanced software into the operating system, which is almost impossible to detect.
Though Kaspersky Labs declined to conclusively link them to the NSA in the report, the connection is impossible to deny, as the early Equation worms appear to be the basis for the Stuxnet worm, which US officials have openly admitted was government handiwork.
Equation’s delivery system also appears to have relied on it being quasi-governmental in some cases, intercepting shipments of commercial software being sent to potential targets of interest and replacing the installation CDs with infected alternatives. Kaspersky had examples of infected Oracle software CDs that were apparently created by Equation and delivered to customers instead of the actual CDs.
The malware identified infects Windows systems, and appears to successfully target all known modern versions of the Microsoft operating system. The report also notes that some of the malware makes reference to Macintosh OS X versions, though none has yet been conclusively seen in the wild.
The malware embeds itself within the operating system, the registry, and the firmware of the physical hard drives themselves, making it virtually impossible to detect and similarly difficult to remove. The use of hard drive firmware as a method of attack by the NSA had been previously reported, but the sophistication of the attacks is surprising many.
Equation got access not only to publicly known ATA commands, but also somehow vendor-specific ones for literally every major hard drive vendor on the planet. Once the hard drives have been compromised in this manner, the malware is impossible to remove: the only way to get rid of it is to remove and destroy the hard drive.
Empire USA — An absolute top-down dictatorship
All developed by Microsoft, under the direction of billionaire Bill Gates, in compliance with the guidelines set forth by the corporate rich power combine that rules Empire USA
Jun 7, 2013 William Binney – The Government is Profiling You (The NSA is Spying on You)
NSA stores data to target any citizen at any time – Greenwald October 29, 2013
http://rt.com/news/greenwald-interview-nsa-data-9…
July 29, 2012 NSA Director Keith Alexander came to hacker gathering DefCon for the first time to recruit from the show's ranks.
LAS VEGAS (CNNMoney) — Wearing a t-shirt and jeans, America's top spymaster — National Security Agency Director Gen. Keith Alexander, also the head of the U.S. Cyber Command — took the stage Friday at the nation's largest hacker convention to deliver a recruiting pitch. "In this room, this room right here, is the talent our nation needs to secure cyberspace," Alexander told the standing-room-only audience at DefCon, a grassroots gathering in Las Vegas expected to draw a record 16,000 attendees this year. "We need great talent. We don't pay as high as everybody else, but we're fun to be around."
http://money.cnn.com/2012/07/27/technology/defcon…