Thread: "Super-advanced malware"

Destroying your hard drive is the only way to stop this super-advanced malware

Feb 17, 2015


A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia, utilizing a startlingly advanced form of malware that is impossible to remove once it's infected your PC.
Kaspersky Lab released a report Monday that said the tools were created by the “Equation” group, which it stopped short of linking to the U.S. National Security Agency.
The tools, exploits and malware used by the group—named after its penchant for encryption—have strong similarities with NSA techniques described in top-secret documents leaked in 2013.
Countries hit the most by Equation include Iran, Russia, Pakistan, Afghanistan, India and China. Targets in those countries included the military, telecommunications, embassies, government, research institutions and Islamic scholars, Kaspersky said.



Infirm firmware

Kaspersky’s most striking finding is Equation’s ability to infect the firmware of a hard drive, or the low-level code that acts as an interface between hardware and software.
The malware reprograms the hard drive’s firmware, creating hidden sectors on the drive that can only be accessed through a secret API (application programming interface). Once installed, the malware is impossible to remove: disk formatting and reinstalling the OS doesn’t affect it, and the hidden storage sector remains.





Destroying your hard drive is the only way to stop the super-advanced Equation malware

The end is near.

Supposed we woke up tomorrow and all was gone.
We'd have to get on connecting with real life.
Most would suffer greatly, as the conditioning is so deep.

...oh well.

Originally Posted by thaimeme

The end is near.

Supposed we woke up tomorrow and all was gone.
We'd have to get on connecting with real life.
Most would suffer greatly, as the conditioning is so deep.

...oh well.

I would say you need help, but it would not be of any use. I suppose I should pity you. Maybe in my next life.

The dependency is all encompassing. Every computer in the World failing suddenly, completely and irreversibly.

Back to pens and pencils, and talking. Welcome to Hell.

Som nam na.

Originally Posted by Dan

The dependency is all encompassing. Every computer in the World failing suddenly, completely and irreversibly.

Back to pens and pencils, and talking. Welcome to the pub.

Som nam na.

Fixed it for ya?

Question do SSD's use the same type of interface?

Originally Posted by thaimeme

Supposed we woke up tomorrow and all was gone. We'd have to get on connecting with real life.

You would not recognise real life if it bit you on the arse. How are things on planet Jeff BTW?

Originally Posted by chassamui

planet Jeff

Originally Posted by Dan

Welcome to Hell.

Fanny worm ????

Isn't that something you can catch from those dirty beach road hooker in Pattaya

Countries hit the most by Equation include Iran, Russia, Pakistan, Afghanistan, India and China. Targets in those countries included the military, telecommunications, embassies, government, research institutions and Islamic scholars, Kaspersky said.

Must have been Israel.

The tools, exploits and malware used by the group—named after its penchant for encryption—have strong similarities with NSA techniques described in top-secret documents leaked in 2013.

Oh dear, must have been a leak, and now they're getting a dose of their own medicine...

To the (2) geniuses with their moronic end is nigh comments. This was posted as interesting info only. Technology advances daily. The dance between the users and the abusers will continue forever.

It helps to just pick up some of the progress in this dance along the line, so one does not have to start desperate 'Is it a virus' threads.

Originally Posted by baldrick

Originally Posted by FlyFree

to infect the firmware of a hard drive

I have flashed the firmware on a hard drive before and it was not the easiest thing to do - maybe with premade connector it would be easier , but it was not done while it was hooked to the motherboard

Originally Posted by VocalNeal

Question do SSD's use the same type of interface?

SSD's have firmware - all of your peripherals have

there has been talk in the past - and proof of concept malwares that reside in the boot roms of your network interface cards

A couple of lads demo'd a POC of Flash drive firmware infection last year. No doubt we can look forward to a new -and expensive- range of tamper proof devices soon....

Originally Posted by baldrick

I have flashed the firmware

TD is not your personal erotica site.