Big-brand hard disk firmware worldwide RIDDLED with NSA SPY KIT

Have you also ever wondered if those constant Windows ‘updates’ throughout the years were more than updates?

It’s also interesting to note that the researchers come from Kaspersky Lab, a Russian company headquartered in Moscow, which produces anti-virus software (and more) that millions of Americans use and trust.

Having said that, are the Russians infiltrating American citizens’ computers as well as ‘high value’ targets?

 

Kaspersky: ‘Equation Group’ attacked ‘high value targets’

America’s National Security Agency (NSA) has infected hard disk firmware with spyware in a campaign valued as highly as Stuxnet and dating back at least 14 years, and possibly up to two decades, according to an analysis by Kaspersky Lab and subsequent reports.

The agency is said to have compromised hard drive firmware for more than a dozen top brands, including Seagate, Western Digital, IBM, Toshiba, Samsung and Maxtor, Kaspersky researchers revealed.

Reuters reports sources formerly working with the NSA confirmed the agency was responsible for the attacks, which Kaspersky doesn’t lay at the feet of the agency.

Kaspersky’s analysis says the NSA made a breakthrough by infecting hard disk firmware with malware known only as nls_933w.dll capable of persisting across machine wipes to re-infect targeted systems.

Researchers said the actors dubbed ‘The Equation Group’ had access to the firmware source code and flexed their full remote access control over infected machines only for high value targets.

“The Equation group is probably one of the most sophisticated cyber attack groups in the world,” Kaspersky bods said in an advisory.

“This is an astonishing technical accomplishment and is testament to the group’s abilities.”

“For many years they have interacted with other powerful groups, such as the Stuxnet and Flame groups; always from a position of superiority, as they had access to exploits earlier than the others.”

It called the campaign the “Death Star” of the malware universe, and said (PDF) the Equation moniker was given based on the attackers’ “love for encryption algorithms and obfuscation strategies”.

Full article: Big-brand hard disk firmware worldwide RIDDLED with NSA SPY KIT (The Register)
