Home Mail MemberMap Chat (0) Wallpapers
Go Back   ChiefsPlanet > The Ed & Dave Lounge > Media Center

Reply
 
Thread Tools Display Modes
Old 03-25-2014, 11:23 PM  
listopencil listopencil is offline
sic semper tyrannis
 
listopencil's Avatar
 
Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $5232
Sophisticated malware discovered after 7 years, likely created by a nation-state




Security firm Kaspersky Labs recently released a research paper that uncovers the existence of a piece of highly complex malware that's been in circulation for almost seven years. It's called "The Mask," which is a rough English translation of Careto, a Spanish word for "ugly face" that was found in the malware's code. Aimed at high-level targets such as government institutions, embassies and large energy corporations, Kaspersky says "The Mask" has already claimed nearly 380 unique victims (with more than 1,000 IPs) in 31 countries that include China, France, Germany, the UK and the US. Kaspersky first spotted it in a spear phishing email campaign that entices the recipient over to malicious websites disguised as news sites like The Guardian and the Washington Post.

Kaspersky reports that the malware is extremely sophisticated, with a set of tools that include a rootkit, a bootkit, versions that'll affect 32- and 64-bit Windows, Mac OS X, Linux and possibly even mobile operating systems like Android and iOS. Once it gets its hooks into your system, it can be used to hijack all your communication channels and snatch everything from Skype conversations to sensitive encryption keys. It's also very difficult to detect. Due to the level of finesse found in the malware, Kaspersky concludes that "The Mask" was very likely created by a nation-state, much like Stuxnet and Duqu. As to which nation-state that is, the security firm doesn't know, but says it's probably one that is Spanish-speaking based on the code's language. Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered.


http://www.securelist.com/en/downloa...emask_v1.0.pdf
Posts: 28,101
listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 08:35 AM   #2
htismaqe htismaqe is offline
What? What?
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $5325
I'm not clicking on that link.
Posts: 61,271
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 10:19 AM   #3
beach tribe beach tribe is offline
I'm Comin'
 
beach tribe's Avatar
 

Join Date: May 2007
Location: ft.lauderdale
Casino cash: $5320
Quote:
Originally Posted by htismaqe View Post
I'm not clicking on that link.
My thoughts exactly.
__________________
Posts: 17,402
beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.beach tribe threw an interception on a screen pass.
  Reply With Quote
Old 03-26-2014, 10:25 AM   #4
patteeu patteeu is offline
The 23rd Pillar
 
patteeu's Avatar
 

Join Date: Sep 2002
Casino cash: $5000
Quote:
Originally Posted by htismaqe View Post
I'm not clicking on that link.
__________________


"I'll see you guys in New York." ISIS Caliph Abu Bakr al-Baghdadi to US military personnel upon his release from US custody at Camp Bucca in Iraq during Obama's first year in office.
Posts: 75,744
patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 11:37 AM   #5
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $5000
us govt opened up pandora's box by weaponizing the internet. Now its a free for all.
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 03-26-2014, 11:39 AM   #6
patteeu patteeu is offline
The 23rd Pillar
 
patteeu's Avatar
 

Join Date: Sep 2002
Casino cash: $5000
Quote:
Originally Posted by planetdoc View Post
us govt opened up pandora's box by weaponizing the internet. Now its a free for all.
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
__________________


"I'll see you guys in New York." ISIS Caliph Abu Bakr al-Baghdadi to US military personnel upon his release from US custody at Camp Bucca in Iraq during Obama's first year in office.
Posts: 75,744
patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 11:51 AM   #7
listopencil listopencil is offline
sic semper tyrannis
 
listopencil's Avatar
 

Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $5232
Quote:
Originally Posted by patteeu View Post
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
Pretty much.
__________________
"As I walked out the door toward the gate that would lead to my freedom, I knew if I didn't leave my bitterness and hatred behind I'd still be in prison."


Posts: 28,101
listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 05:07 PM   #8
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $5075
Quote:
Originally Posted by htismaqe View Post
I'm not clicking on that link.
Seriously. How about a plain text file? Or a Word document for that matter. Just don't choose the same file format that the tool likely used in the spear phishing attacks to begin with.
Posts: 1,185
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Old 03-26-2014, 05:09 PM   #9
htismaqe htismaqe is offline
What? What?
 
htismaqe's Avatar
 

Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $5325
Quote:
Originally Posted by DaveNull View Post
Seriously. How about a plain text file? Or a Word document for that matter. Just don't choose the same file format that the tool likely used in the spear phishing attacks to begin with.
How about not ending the article with:

Intrigued? Go on and hit the PDF link here to get the full rundown of what Kaspersky discovered.
Posts: 61,271
htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.htismaqe is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 05:12 PM   #10
DaveNull DaveNull is offline
Veteran
 
DaveNull's Avatar
 

Join Date: Nov 2011
Location: Villa Straylight
Casino cash: $5075
Mandiant did the same thing last year. Likely a case of the marketing department not understanding the business or their audience.
Posts: 1,185
DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.DaveNull would the whole thing.
  Reply With Quote
Old 03-26-2014, 07:14 PM   #11
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $5000
Quote:
Originally Posted by patteeu View Post
That makes no sense. If the US government unilaterally declines to participate in an "arms race", it doesn't mean the race won't happen, it just means that we will lose it.
nope. you dont have to use those offensive capabilities like the US did with stuxnet. Its like saying that since the US has nuclear weapons than they should go ahead and use it.

1. The US declared cyberattacks an act of war.

2. US undermined this position with the Stuxnet and Flame virus.

3. Instead of working to make US interests more secure, the US government has worked to cripple and backdoor hardware and software. This makes US companies and infrastructure more vulnerable to attack.

4. US finds and gather 0-day exploits and vulnerabilities for offensive attacks, but fail to tell US companies so that they may fix their vulnerabilities....once again making them more vulnerable to attack.

America has been so busy with offensive capabilities and an cybe offensive arms race that they have neglected defense.
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 03-26-2014, 07:22 PM   #12
listopencil listopencil is offline
sic semper tyrannis
 
listopencil's Avatar
 

Join Date: Oct 2002
Location: In Partibus Infidelium
Casino cash: $5232
Quote:
Originally Posted by planetdoc View Post
nope. you dont have to use those offensive capabilities like the US did with stuxnet. Its like saying that since the US has nuclear weapons than they should go ahead and use it.

1. The US declared cyberattacks an act of war.

2. US undermined this position with the Stuxnet and Flame virus.

3. Instead of working to make US interests more secure, the US government has worked to cripple and backdoor hardware and software. This makes US companies and infrastructure more vulnerable to attack.

4. US finds and gather 0-day exploits and vulnerabilities for offensive attacks, but fail to tell US companies so that they may fix their vulnerabilities....once again making them more vulnerable to attack.

America has been so busy with offensive capabilities and an cybe offensive arms race that they have neglected defense.
Why not do both?
__________________
"As I walked out the door toward the gate that would lead to my freedom, I knew if I didn't leave my bitterness and hatred behind I'd still be in prison."


Posts: 28,101
listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.listopencil is obviously part of the inner Circle.
  Reply With Quote
Old 03-26-2014, 07:36 PM   #13
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $5000
Quote:
Originally Posted by listopencil View Post
Why not do both?
Patching vulnerabilities could undermine your own offensive capabilties assuming that your target patches vulnerabilities you have made public.

Although the US could gather cyber weapons, using them such as they have with stuxnet and Flame lead to the arms-race.

Its like the idea of mutually assured destruction (aka MAD). No one uses nukes because they are scared others will too. After the US used cyberweapons, now plenty of others are as well.

The worst part about all of this is that the US is more technologically advanced than most (if not all) other countries, and thus are the most vulnerable to cyberattacks. They have neglected defending the homeland to go on the offensive.
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 03-26-2014, 07:55 PM   #14
planetdoc planetdoc is offline
Veteran
 

Join Date: Apr 2012
Casino cash: $5000
Stuxnet will come back to Haunt us

Quote:
THE decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush’s presidency marked a significant and dangerous turning point in the gradual militarization of the Internet. Washington has begun to cross the Rubicon. If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory.

It is one thing to write viruses and lock them away safely for future use should circumstances dictate it. It is quite another to deploy them in peacetime. Stuxnet has effectively fired the starting gun in a new arms race that is very likely to lead to the spread of similar and still more powerful offensive cyberweaponry across the Internet. Unlike nuclear or chemical weapons, however, countries are developing cyberweapons outside any regulatory framework.

There is no international treaty or agreement restricting the use of cyberweapons, which can do anything from controlling an individual laptop to disrupting an entire country’s critical telecommunications or banking infrastructure. It is in the United States’ interest to push for one before the monster it has unleashed comes home to roost.

Stuxnet was originally deployed with the specific aim of infecting the Natanz uranium enrichment facility in Iran. This required sneaking a memory stick into the plant to introduce the virus to its private and secure “offline” network. But despite Natanz’s isolation, Stuxnet somehow escaped into the cyberwild, eventually affecting hundreds of thousands of systems worldwide.

This is one of the frightening dangers of an uncontrolled arms race in cyberspace; once released, virus developers generally lose control of their inventions, which will inevitably seek out and attack the networks of innocent parties. Moreover, all countries that possess an offensive cyber capability will be tempted to use it now that the first shot has been fired.

Until recent revelations by The New York Times’s David E. Sanger, there was no definitive proof that America was behind Stuxnet. Now computer security experts have found a clear link between its creators and a newly discovered virus called Flame, which transforms infected computers into multipurpose espionage tools and has infected machines across the Middle East.

The United States has long been a commendable leader in combating the spread of malicious computer code, known as malware, that pranksters, criminals, intelligence services and terrorist organizations have been using to further their own ends. But by introducing such pernicious viruses as Stuxnet and Flame, America has severely undermined its moral and political credibility.

Flame circulated on the Web for at least four years and evaded detection by the big antivirus operators like McAfee, Symantec, Kaspersky Labs and F-Secure — companies that are vital to ensuring that law-abiding consumers can go about their business on the Web unmolested by the army of malware writers, who release nasty computer code onto the Internet to steal our money, data, intellectual property or identities. But senior industry figures have now expressed deep worries about the state-sponsored release of the most potent malware ever seen.

During the cold war, countries’ chief assets were missiles with nuclear warheads. Generally their number and location was common knowledge, as was the damage they could inflict and how long it would take them to inflict it.

Advanced cyberwar is different: a country’s assets lie as much in the weaknesses of enemy computer defenses as in the power of the weapons it possesses. So in order to assess one’s own capability, there is a strong temptation to penetrate the enemy’s systems before a conflict erupts. It is no good trying to hit them once hostilities have broken out; they will be prepared and there’s a risk that they already will have infected your systems. Once the logic of cyberwarfare takes hold, it is worryingly pre-emptive and can lead to the uncontrolled spread of malware.

Until now, America has been reluctant to discuss regulation of the Internet with Russia and China. Washington believes any moves toward a treaty might undermine its presumed superiority in the field of cyberweaponry and robotics. And it fears that Moscow and Beijing would exploit a global regulation of military activity on the Web, in order to justify and further strengthen the powerful tools they already use to restrict their citizens’ freedom on the Net. The United States must now consider entering into discussions, anathema though they may be, with the world’s major powers about the rules governing the Internet as a military domain.

Any agreement should regulate only military uses of the Internet and should specifically avoid any clauses that might affect private or commercial use of the Web. Nobody can halt the worldwide rush to create cyberweapons, but a treaty could prevent their deployment in peacetime and allow for a collective response to countries or organizations that violate it.

Technical superiority is not written in stone, and the United States is arguably more dependent on networked computer systems than any other country in the world. Washington must halt the spiral toward an arms race, which, in the long term, it is not guaranteed to win.
an old saying applies here, "those who live in glass houses shouldnt throw stones." Stuxnet and Flame were big stones.

Last edited by planetdoc; 03-26-2014 at 08:01 PM..
Posts: 1,989
planetdoc has disabled reputation
  Reply With Quote
Old 03-26-2014, 10:35 PM   #15
patteeu patteeu is offline
The 23rd Pillar
 
patteeu's Avatar
 

Join Date: Sep 2002
Casino cash: $5000
Quote:
Originally Posted by planetdoc View Post
nope. you dont have to use those offensive capabilities like the US did with stuxnet. Its like saying that since the US has nuclear weapons than they should go ahead and use it.

1. The US declared cyberattacks an act of war.

2. US undermined this position with the Stuxnet and Flame virus.

3. Instead of working to make US interests more secure, the US government has worked to cripple and backdoor hardware and software. This makes US companies and infrastructure more vulnerable to attack.

4. US finds and gather 0-day exploits and vulnerabilities for offensive attacks, but fail to tell US companies so that they may fix their vulnerabilities....once again making them more vulnerable to attack.

America has been so busy with offensive capabilities and an cybe offensive arms race that they have neglected defense.
I'm not sure why you think you know that.
__________________


"I'll see you guys in New York." ISIS Caliph Abu Bakr al-Baghdadi to US military personnel upon his release from US custody at Camp Bucca in Iraq during Obama's first year in office.
Posts: 75,744
patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.patteeu is obviously part of the inner Circle.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 09:29 AM.


Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.