Kaspersky: Clumsy NSA Leak Snoop's PC Was Packed With Malware

DooKey

Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets. The Register has a good article worth reading that ties everything together. We covered this a bit last month and the earlier article is here.

The report, published on Thursday, said it has no record of the described snafu in 2015, but the case looked like a situation that kicked off the year before. A user with a Verizon FiOS IP address in the Baltimore area, near the NSA headquarters, fired up the Kaspersky software, and it found on the PC powerful cyber-attack code that appeared to be part of a collection codenamed the Equation Group files.
 
So Kaspersky Lab is saying their software was ineffective and this was incompetence on their part rather than a targeted attack. That's good, I'll re-install their software. :rolleyes::rolleyes::rolleyes:
 
> So Kaspersky Lab is saying their software was ineffective and this was incompetence on their part rather than a targeted attack. That's good, I'll re-install their software. :rolleyes::rolleyes::rolleyes:

No, that's not what they are saying.
Anyone anywhere can infect a system no matter what protection it has.
Except for maybe Faronics Deep Freeze, but even then they would be the Administrator on their own system so I take that back.
 
> No, that's not what they are saying.
> Anyone anywhere can infect a system no matter what protection it has.
> Except for maybe Faronics Deep Freeze, but even then they would be the Administrator on their own system so I take that back.

I know that's not what they're saying but "Packed With Malware" implies the software really wasn't working as advertised.
 
> I know that's not what they're saying but "Packed With Malware" implies the software really wasn't working as advertised.

Actually reading the article before commenting would help with your confusion.

"To install and run this malware, the user must have disabled Kaspersky Lab products on his machine. Our telemetry does not allow us to say when the antivirus was disabled, however, the fact that the malware was later detected as running in the system suggests the antivirus had been disabled or was not running when the malware was run. Executing the malware would not have been possible with the antivirus enabled."
 
> I know that's not what they're saying but "Packed With Malware" implies the software really wasn't working as advertised.

The "packed with malware" is a clickbait title from The Register and means absolutely nothing. "Packed with" not being a technical term and such.
For example, Chock full o'Nuts coffee has no nuts.
 
Based on other articles I have read on this subject, it appears they were frequently disabling Kaspersky and re-enabling it to get to various torrenting sites to download cracks and key gens for a bunch of 3rd party software. To make it even better, they then ran said cracks and key gens as an administrative user, then once they had done what they needed to, re-enabled Kaspersky. This is the very sort of user I reluctantly give guest access to, because I don't have time to deal with that shit.
 
They should have been on an air-gapped machine with permission from the boss to work at home. This is a duh and should be punishable with jail time.
 