Kaspersky Exposes the Framework of a Massive Cyber-Espionage Group

Security researchers at Kaspersky Lab have discovered a cyber-espionage group that has been operating for at least fifteen years and has worked with and supported the actors behind Flame, Stuxnet and other extremely sophisticated campaigns.

The attackers, known as the Equation Group, used two of the zero-days contained in Stuxnet before that worm used them, and have used several other infection methods, including intercepting physical media such as compact discs and inserting their tailored malware implants onto the discs.

The group has used some techniques that are closely associated with tactics used by the NSA, particularly the interdiction operations and the use of the LNK flaw exploit employed by Stuxnet.

The group has enormous, flexible and threatening resources at its disposal. In addition to using many zero-days in its operations, the attackers employ two hidden modules that enable them to reprogram the hard drives on infected machines. As a result, the attackers can remain persistent on compromised machines indefinitely and create a hidden storage partition on the hard drive, which is used to store stolen data.

Securityweek.com published a report on 16th February, 2015 in which Costin Raiu, Director of the Global Research and Analysis Team at Kaspersky, said: "It means we are actually blind and cannot detect hard drives which have been infected by this malware."

The malware could also create an invisible, persistent area hidden inside the hard drive to save exfiltrated information, which the attackers can retrieve later. This means that the attackers can capture the encryption password and save it into this hidden area. It can revive itself forever.

According to the report, the Russian security vendor (Kaspersky) said that it first discovered evidence of the Equation Group while investigating Regin. A victim's machine in the Middle East was apparently found to be infected with one of the group's malware platforms, known as EQUATIONDRUG.

Firstlook.org published a report on 18th February, 2015 quoting Vanee' Vines, a spokeswoman for the NSA, as saying: "The agency was aware of the research of Kaspersky but we are not going to comment publicly on any charges that the report raises or discuss any details."

» SPAMfighter News - 3/3/2015
