Computer help and Utilities
Topic author
Gen Stranger
|iog| Administrator
Posts: 241
Joined: Mon Jan 19, 2004 6:28 pm
Zodiac: Gemini

No Cure for this other than destroy hard drive

Post by Gen Stranger » Sat Feb 21, 2015 3:38 pm

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia, utilizing a startlingly advanced form of malware that is impossible to remove once it's infected your PC.

Kaspersky Lab released a report Monday that said the tools were created by the “Equation” group, which it stopped short of linking to the U.S. National Security Agency.

The tools, exploits and malware used by the group—named after its penchant for encryption—have strong similarities with NSA techniques described in top-secret documents leaked in 2013.

Countries hit the most by Equation include Iran, Russia, Pakistan, Afghanistan, India and China. Targets in those countries included the military, telecommunications, embassies, government, research institutions and Islamic scholars, Kaspersky said.

Infirm firmware

Kaspersky’s most striking finding is Equation’s ability to infect the firmware of a hard drive, or the low-level code that acts as an interface between hardware and software.

The malware reprograms the hard drive’s firmware, creating hidden sectors on the drive that can only be accessed through a secret API (application programming interface). Once installed, the malware is impossible to remove: disk formatting and reinstalling the OS doesn’t affect it, and the hidden storage sector remains.

“Theoretically, we were aware of this possibility, but as far as I know this is the only case ever that we have seen of an attacker having such an incredibly advanced capability,” said Costin Raiu, director of Kaspersky Lab’s global research and analysis team, in a phone interview Monday.

see full story here ... nl_pcwbest
Gen Stranger

Posts: 14
Joined: Fri May 31, 2013 10:55 pm
Zodiac: Gemini

Re: No Cure for this other than destroy hard drive

Post by Sully525 » Sun Feb 22, 2015 1:22 am

Have no fear - Mr. Personality is here!

Posts: 8
Joined: Mon Jul 14, 2014 8:09 pm
Zodiac: Scorpio

Re: No Cure for this other than destroy hard drive

Post by 3BlindMice » Sun Feb 22, 2015 1:35 pm

Destroying the HDD on computers newly infected with viruses has been the SOP in AIG for some months now.
I don't know if that's related or not, though.
What's sarcasm?
