According to Kaspersky, the Equation group can reprogram disk firmware, and create hidden data which can only be accessed by their API, and they just stop short of linking Equation to the NSA.
From PCWorld:
From PCWorld:
Quote:
A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia. Kaspersky Lab released a report Monday that said the tools were created by the “Equation” group, which it stopped short of linking to the U.S. National Security Agency. The tools, exploits and malware used by the group—named after its penchant for encryption—have strong similarities with NSA techniques described in top-secret documents leaked in 2013. ... Kaspersky’s most striking finding is Equation’s ability to infect the firmware of a hard drive, or the low-level code that acts as an interface between hardware and software. The malware reprograms the hard drive’s firmware, creating hidden sectors on the drive that can only be accessed through a secret API (application programming interface). Once installed, the malware is impossible to remove: disk formatting and reinstalling the OS doesn’t affect it, and the hidden storage sector remains. |
via International Skeptics Forum http://ift.tt/1Ekzdkw
Aucun commentaire:
Enregistrer un commentaire