Kaspersky reveals ‘elegant’ malware resembling NSA code (cyberscoop.com)
from Salamendacious@lemmy.world to technology@lemmy.world on 29 Oct 2023 09:21
https://lemmy.world/post/7485761

The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.

#technology

KnightontheSun@lemmy.world on 29 Oct 2023 09:46

Not really trusting the source here.

Salamendacious@lemmy.world on 29 Oct 2023 09:56

pcmag.com/…/powerful-malware-disguised-as-crypto-…

KnightontheSun@lemmy.world on 29 Oct 2023 10:06

Thank you, but I meant I don’t trust Kaspersky themselves.

CyberDine@lemmy.world on 29 Oct 2023 10:20

Nor should you, if you’re American

Salamendacious@lemmy.world on 29 Oct 2023 10:23

I used to use Kaspersky but I stopped about 10 years ago or so. I get why people don’t trust having that software on their computers but personally I don’t distrust their public reports (which is different from trust obviously). Just because I feel like other more technically minded people are going to look into this and there will be a confirmation or a denial eventually.

I’ve read about code from Stuxnet being used in other worms so it didn’t surprise me that this is possible. I’m not a cyber security expert so it could all be nothing and I wouldn’t know the difference. This is some rather technical stuff.

KnightontheSun@lemmy.world on 29 Oct 2023 10:30

Anything is possible and it certainly seems more difficult to find truth these days, but I appreciate you posting.

Salamendacious@lemmy.world on 29 Oct 2023 10:30

👍

KingThrillgore@lemmy.ml on 29 Oct 2023 15:00

I believe Kaspersky used to be very persona non grata in Russia, and then someone either from Gazprom or similar made a buyout and now, not so much.

jvisick@programming.dev on 30 Oct 2023 10:14

Here’s the original report: securelist.com/…/110903/

It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.

madsen@lemmy.world on 29 Oct 2023 10:29

It’s most likely resembling NSA code because it’s using EternalBlue which was leaked back in 2017 by ShadowBrokers. The title of the article is misleading/click-baity. (No offense to the OP, I know you just used the title from the article.)

Salamendacious@lemmy.world on 29 Oct 2023 12:00

👍

LUHG_HANI@lemmy.world on 29 Oct 2023 12:49

Could have sworn Kaspersky was trying their hardest to not be Russian.