Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Kaspersky Says that Shadow Brokers Leaked Malware is Genuine


They say that devil is in details. Particularly in this case, GReAT (Global Research & Analysis Team) of Kaspersky Lab says that presence of the RC5 as well as RC6 encryption algorithms within the malware that was dumped by The Shadow Brokers was the prime factor leading them to arrive to the conclusion.

Today, security firm said that its analysis revealed "several hundred tools" from this leak was having "strong connection" with Kaspersky's previous findings about Equation Group. The Equation Group was first linked with National Security Agency by Kaspersky in February 2015. During that time, the group has been labeled by Kaspersky as the most advanced hacking collective that it had encountered.

During their preliminary analysis of Equation Group malware, Kaspersky said that it had found samples of 20 different malwares where crooks had used the RC5 as well as RC6 code. They found samples of 347 different malware in the data dumped by The Shadow Brokers.

Kaspersky said today that the Shadow Brokers published data contains an implementation of RC5 as well as RC6 encryption algorithms, which is similar to Equation Group malware's RC5 as well as RC6 code. It said that this particular implementation has just been seen earlier with malware of the Equation Group.

Moreover, the team of security vendor's also found patterns of coding in the dumped malware unique to the way the Equation Group wrote its hacking tools, and unique to it alone. Hackers known as "Shadow Brokers" claimed yesterday that they have stolen the tools from the Equation Group.

Itnews.com posted on August 17th, 2016, as written by researchers of Kaspersky that "comparing the older, known Equation RC6 code and the code used in most of the binaries from the new leak we observe that they are functionally identical and share rare specific traits in their implementation".

Shadow Brokers are presently running an open auction for remaining Equation Group malware. Till now, the group just made 1.629 Bitcoin or A$1231 which is a lot more modest, in spite of asking 1 million Bitcoin for releasing remainder of files.

ยป SPAMfighter News - 22-08-2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next