Nation State Spying Malware Revealed

CommanderFrank · Nov 23, 2014

Symantec announced the company has found a new and very complicated malware that operates in five stages. It is so sophisticated that the back-door Trojan has been in use since 2008 without detection.

The level of quality and the amount of effort put into keeping it secret convinces Symantec that it is a primary cyberespionage tool of a nation state.

spaceman · Nov 23, 2014

oooooooooooh good

entropy13 · Nov 23, 2014

I thought for a moment there's malware here.

Zinn · Nov 23, 2014

My brother had that on his PC, had to run FreeSpywareSweeper 3 times to get rid of it

Trimlock · Nov 23, 2014

More fear mongering by Symantec.

SonicTron · Nov 24, 2014

Trimlock said:
More fear mongering by Symantec.

6 years to discover it

Makes me think antivirus software is completely useless

cyclone3d · Nov 24, 2014

SonicTron said:
6 years to discover it

Makes me think antivirus software is completely useless

Actually, it is quite easy to write "malware" that will never be detected by scanners provided that the scanner companies never get a copy of it.

The way scanners work is that they look for specific patterns which identifies known viruses/malware.

If it isn't known or a similar variant of a known virus/malware, it will never be detected.

evilsofa · Nov 24, 2014

Does EFF's Detekt detect it?

Lith1um · Nov 24, 2014

Nation states, spying to protect themselves under the guise of protecting their citizens. Always have, always will, the temptation is just too great.

dderidex · Nov 24, 2014

SonicTron said:
6 years to discover it

Makes me think antivirus software is completely useless

Not quite - the article notes the 2.0 version of it appeared "in 2013", and by December of 2013 Symantec had detected and was providing protection against the 'backdoor component' of it used to deliver the payload.

They just didn't know until recently what exactly it was that they had detected and blocked, and didn't actually know what the potential 'payloads' delivered might be. Nor, notably, that it was part of a 2- or 3- stage infection of a complexity that would point to a nation-state.

But the core vulnerability was being blocked.

xxEIEIOxx · Nov 24, 2014

It must be from outside the U.S. or they wouldn't be exposing it.

McFry · Nov 24, 2014

No Chinese or US infected systems?

pcjunkie · Nov 24, 2014

Lets just call it what it really is: nsa.worm.w32.agent

Not much else to say.

Deleted member 12106 · Nov 24, 2014

pcjunkie said:
Lets just call it what it really is: nsa.worm.w32.agent

Not much else to say.

I lol'd.

QwertyJuan · Nov 24, 2014

Zinn said:
My brother had that on his PC, had to run FreeSpywareSweeper 3 times to get rid of it

LOL!!

I bet someone from "Microsoft" called him and (via remote control) "helped" him remove it as well!!

TechLarry · Nov 24, 2014

evilsofa said:
Does EFF's Detekt detect it?

Windows 8.1 X64 not supported. WTF...

lcpiper · Nov 24, 2014

McFry said:
No Chinese or US infected systems?

I wondered about that myself. At first look you'd think that means one of the two is responsible, but the US and China are pretty polar to one another, you'd think if one was guilty then the other would be the culprit. I check things like natural gas pipelines, oil exporters, importers, uranium producing nations, and I got tired. the only thing I located in my crude search is that when I looked up a list of the top ten most friendly countries to Israel non of them countries were on this list.

Nation State Spying Malware Revealed

CommanderFrank

Cat Can't Scratch It

spaceman

[H]F Junkie

entropy13

Gawd

Zinn

2[H]4U

Trimlock

[H]F Junkie

SonicTron

Snopes is My Fact Checker

cyclone3d

[H]F Junkie

evilsofa

[H]F Junkie

Lith1um

2[H]4U

dderidex

Supreme [H]ardness

xxEIEIOxx

2[H]4U

McFry

[H]ard|Gawd

pcjunkie

2[H]4U

Deleted member 12106

Guest

QwertyJuan

[H]F Junkie

TechLarry

RIP [H] Brother - June 1, 2022

lcpiper

[H]F Junkie