this post was submitted on 29 Oct 2023
114 points (91.3% liked)

Technology

59207 readers
3158 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.

top 12 comments
sorted by: hot top controversial new old
[–] [email protected] 63 points 1 year ago (1 children)

It's most likely resembling NSA code because it's using EternalBlue which was leaked back in 2017 by ShadowBrokers. The title of the article is misleading/click-baity. (No offense to the OP, I know you just used the title from the article.)

[–] [email protected] 15 points 1 year ago
[–] [email protected] 18 points 1 year ago

Could have sworn Kaspersky was trying their hardest to not be Russian.

[–] [email protected] 13 points 1 year ago (2 children)

Not really trusting the source here.

[–] [email protected] 14 points 1 year ago (1 children)
[–] [email protected] 23 points 1 year ago (3 children)

Thank you, but I meant I don’t trust Kapersky themselves.

[–] [email protected] 21 points 1 year ago* (last edited 1 year ago) (1 children)

I used to use Kaspersky but I stopped about 10 years ago or so. I get why people don't trust having that software on their computers but personally I don't distrust their public reports (which is different from trust obviously). Just because I feel like other more technically minded people are going to look into this and there will be a confirmation or a denial eventually.

I've read about code from Stuxnet being used in other worms so it didn't surprise me that this is possible. I'm not a cyber security expert so it could all be nothing and I wouldn't know the difference. This is some rather technical stuff.

[–] [email protected] 6 points 1 year ago (1 children)

Anything is possible and it certainly seems more difficult to find truth these days, but I appreciate you posting.

[–] [email protected] 3 points 1 year ago
[–] [email protected] 6 points 1 year ago

I believe Kaspersky used to be very persona non grata in Russia, and then someone either from Gazprom or similar made a buyout and now, not so much.

[–] [email protected] -5 points 1 year ago

Nor should you, if you're American

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Here’s the original report: https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.