Kaspersky reveals ‘elegant’ malware resembling NSA code

Salamendacious@lemmy.world to Technology@lemmy.world – 109 points – Kaspersky reveals 'elegant' malware resembling NSA code
cyberscoop.com

The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.

12

It's most likely resembling NSA code because it's using EternalBlue which was leaked back in 2017 by ShadowBrokers. The title of the article is misleading/click-baity. (No offense to the OP, I know you just used the title from the article.)

Could have sworn Kaspersky was trying their hardest to not be Russian.

Not really trusting the source here.

https://www.pcmag.com/news/powerful-malware-disguised-as-crypto-miner-infects-1m-plus-windows-linux

Thank you, but I meant I don’t trust Kapersky themselves.

I used to use Kaspersky but I stopped about 10 years ago or so. I get why people don't trust having that software on their computers but personally I don't distrust their public reports (which is different from trust obviously). Just because I feel like other more technically minded people are going to look into this and there will be a confirmation or a denial eventually.

I've read about code from Stuxnet being used in other worms so it didn't surprise me that this is possible. I'm not a cyber security expert so it could all be nothing and I wouldn't know the difference. This is some rather technical stuff.

I believe Kaspersky used to be very persona non grata in Russia, and then someone either from Gazprom or similar made a buyout and now, not so much.

Here’s the original report: https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.