Kaspersky Lab uncovers a suite of surveillance platforms that hide in hard drive firmware

Shawn Knight

Posts: 13,080   +131
Staff member
Security researchers at Kaspersky Lab have unearthed a suite of surveillance platforms that can hide within the firmware of hard drives from more than a dozen manufacturers. The attackers, which Kaspersky is calling the Equation Group due to their complex...

Read more: https://www.techspot.com/news/59768-kaspersky-lab-uncovers-suite-surveillance-platforms-hide-hard.html
 

VitalyT

Posts: 5,497   +5,098
NSA is pretty much the same in all languages...

Netzwerk von Schlecht Arschlöcher

sorry, if my German isn't good.
 

davislane1

The alarming thing about this news isn't that the NSA has been up to shenanigans. It is the fact that 90% or more of readers will be utterly unsurprised by the headline.
 

Seventh Reign

Posts: 131   +65
The alarming thing about this news isn't that the NSA has been up to shenanigans. It is the fact that 90% or more of readers will be utterly unsurprised by the headline.


I believe you grossly overestimate the intelligence of your average internet user. Remember these are the same people who STILL fall for the African Prince scam .. every .. single .. day.

Unless it was a typo and you meant that 90% of users WOULD be surprised. That sounds much much more realistic.
 

tonylukac

Posts: 1,382   +72
No wonder the Seagate drive I built my machine with had that firmware problem. Seagate had a fix for the physical error it had. A Toshiba drive had the same error with no fix.
 

amstech

Posts: 2,643   +1,807
Uncle Sam has been pulling this $hit for 10 years.
Nothing and I mean NOTHING you have is secure.
Not on your PC and CERTAINLY not on your phone.
 

davislane1

I believe you grossly overestimate the intelligence of your average internet user. Remember these are the same people who STILL fall for the African Prince scam .. every .. single .. day.

Unless it was a typo and you meant that 90% of users WOULD be surprised. That sounds much much more realistic.

I was saving my "people are generally dim" post for the inevitable net neutrality pass vote story.

Also, it is worth noting that not all of the Nigerian princes are frauds. I am expecting a deposit in my account sometime later this week, in fact. Nasim "Big Money" Gachanumba seems like a pretty decent guy. A bit trusting (probably how he was betrayed), but nice.
 

Guest

So how to view the data on the disk by the spy agency that went all the way to implement it?

They need to have some way through Windows... how to view large sets of data in GBs without giving themselves out (streaming large files show in data usage)? What if the drive data is encrypted? What if someone uses Linux or Tails?

There are too many variables yet after all what we learned about spy agencies I can't refute Kaspersky's find.
 

Kibaruk

Posts: 3,836   +1,186
Hi techspot, thanks for fueling the conspiracy aspirations of users.

Regards,
Someone who doesn't care.

PS: Because really, if the "NSA" or whomever is behind it, will get it one way, or the other, I'm gonna find you, I'm gonna get...
PS2: Unless there is a patch or a way to reflash the drive's firmware.
 

stewi0001

Posts: 2,574   +2,167
Hi techspot, thanks for fueling the conspiracy aspirations of users.

Regards,
Someone who doesn't care.

PS: Because really, if the "NSA" or whomever is behind it, will get it one way, or the other, I'm gonna find you, I'm gonna get...
PS2: Unless there is a patch or a way to reflash the drive's firmware.

No one has played PS or PS2 in quite a while. Let us know when you get to PS4 ;P
 

Guest

This firmware intrusion can of course be used to reserve certain disk areas for their own malware programs that can be run but not detected or deleted by other antivirus / antimalware programs. Vast amount of disk drives can be knocked out via simple virus programs spread to keyed in specific countries, areas or companies. Today the 21st-century Internet media winter is up to debate, as we continue to replace all physical media (papers, books, contracts...) onto digital media located in vast Internet server plants.
 

Jad Chaar

Posts: 6,481   +976
If the NSA is in fact behind this, I would not be surprised one bit. They need an indestructible method of surveillance that someone cannot just erase by reformatting.
 

Guest

Unfortunately this "news" came from a Russian company and like RT.com spread some propaganda to the world.
Still nobody will prove that without source code of that disk firmware.
So take this "news" with orange juice and let it go.
 

Guest

I trust RT.com, Presstv.com and english.pravda.ru, etc. more than the crap outlets like Fox, CNN and NBC for example.

When it comes to finding flaws/loopholes developed by NSA, CIA, Mossad or whatever, lots of knowledgeable and highly experienced people still don't know what to look for in the source code when it relates to things like surveillance tech. After all, the intelligence agencies often have the best breed of brains around!
 

Guest

This sounds like a load of bull.
What does this malware/worm do?
How does it run? It doesn't load & run in your windows.
More info needed...
 

infiltrator

Posts: 171   +31
This sounds like a load of bull.
More info needed...

I couldn't agree more, but you have to realize that we are living in a digital world where anything is possible. Take for instance, the TOR network and how the NSA managed to infiltrate into it.

What does this malware/worm do?

It spies on the user, by recording and sending out bits of information to NSA servers.
Now, I don't know what information it could potentially be sending out.
But it could be on anything that could be used against you, if you are/were to commit a crime.

How does it run? It doesn't load & run in your windows.

That's a good question?

It could be using a customized emulator to run, or even when Windows itself is running. But to remain undetected, it could be using a specially customized rootkit program, that no AV is able to detect.

I am just throwing around some ideas.
 

BadThad

Posts: 449   +421
This sounds like a load of bull.
More info needed...

I couldn't agree more, but you have to realize that we are living in a digital world where anything is possible. Take for instance, the TOR network and how the NSA managed to infiltrate into it.

What does this malware/worm do?

It spies on the user, by recording and sending out bits of information to NSA servers.
Now, I don't know what information it could potentially be sending out.
But it could be on anything that could be used against you, if you are/were to commit a crime.

How does it run? It doesn't load & run in your windows.

That's a good question?

It could be using a customized emulator to run, or even when Windows itself is running. But to remain undetected, it could be using a specially customized rootkit program, that no AV is able to detect.

I am just throwing around some ideas.

It could also use Windows Powershell like Poweliks.....undetectable.
 

Cold Canuck

Posts: 10   +1
Ever wonder why so many states have made or are making "Living-off-the-grid" illegal?
I did.

Even when the filtered water they can provide for themselves and the clean solar power they have, can be proven to be of superior quality than that made available by the local power/water grid, these "Off-gridders" can still be in legal trouble.

It probably just means that the NSA can't surreptitiously access your PC if you are self-sufficient...and I seriously doubt they like that too much....even if the NSA weren't continually monitoring your computer and/or internet use, it gives them easy access to your PC if you were to come under scrutiny.