Slashdot Mirror


The Operations of a Cyber Arms Dealer

An anonymous reader writes "FireEye researchers have linked eleven distinct APT cyber espionage campaigns previously believed to be unrelated (PDF), leading them to believe that there is a shared operation that supplies and maintains malware tools and weapons used in them. The eleven campaigns they tied together were detected between July 2011 and September 2013, but it's possible and very likely that some of them were active even before then. Despite using varying techniques, tactics, and procedures, the campaigns all leveraged a common development infrastructure, and shared — in various combinations — the same malware tools, the same elements of code, binaries with the same timestamps, and signed binaries with the same digital certificates."

18 comments

  1. script kiddies all growed up by Anonymous Coward · · Score: 0

    makin' money, gettin' paid!!

    1. Re:script kiddies all growed up by flyneye · · Score: 1

      Damn I was hopin' this article was about an appendage salesman. I wanted to go to work with the efficiency of Doc Octopus.

      --
      *Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
    2. Re:script kiddies all growed up by Anonymous Coward · · Score: 0

      Maybe even gettin' laid!

    3. Re:script kiddies all growed up by Lumpy · · Score: 1

      Absolutely! I would love a Cyber arm... I would walk around doing the "dead or alive you are coming with me" trick to the local punks.

      --
      Do not look at laser with remaining good eye.
  2. Daemon by cykros · · Score: 1

    I'm sure it's actually a set of logic trees so elaborately woven together as to monitor the news and manipulate people into carrying out its programmed goals, put in place by a disgruntled brain cancer ridden game developer, coordinating these "cyber arms dealer" groups. Naturally, bitcoins are the darknet credits...

    1. Re:Daemon by Anonymous Coward · · Score: 0

      I participated in a DARPA study on how to use news cycles to influence populations and identify those with access to inside and targeted information using major US news feeds, just about the time of the green revolutions. Just saying...

  3. Arming up on the Internet by pieterh · · Score: 1

    IMO it's part of an undeclared war on the Internet, funded by the intelligence-security complex, who need to rein in and control the Internet. The usual structure is official organizations (NSA, GCHQ) funding subcontractors (like Stratfor) who fund off-the-books teams to build up armed capacity, attack targets to create a climate of fear, and to blackmail third parties into cooperation. Your tax dollars hard at work, keeping the Children Safe from cyberterrorists, hackers, and criminals, aka an independent Internet.

    1. Re:Arming up on the Internet by FriendlyLurker · · Score: 1

      This news hot on the heels of GCHQ targeting engineers to gain access to the systems of the companies they work for.

      Looks like Slashdot, LinkedIn and other sites engineers frequent just earned themselves a NoScript->Forbid status. That Slashdot does not even have a cert auth SSL, for what pathetically little it does to secure your communications, is a crime for a tech orientated site...

    2. Re:Arming up on the Internet by AHuxley · · Score: 1

      Yes just as the telcos and big US brands seem to link back to one source so do some of the active 'fronts'.
      Left, right, NGO, freedom, big brands, small brands, new staff and old contractors .... all in the mix and getting the perfect keys just in time for very public or private results.

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:Arming up on the Internet by AHuxley · · Score: 1

      The fun part about slashdot is the time factor. Days, weeks, years, decades of history or already published news get added to by people and cute sock puppets.
      Even the AC's are very careful and broad on most interesting topics.
      A job site listing project names to boast about past clearances and attract new work would be a very logical entry point.
      Does slashdot shape stories? The wider press pick up days after?

      --
      Domestic spying is now "Benign Information Gathering"
  4. China is #1! by Anonymous Coward · · Score: 0

    EU is #3!

  5. FINALLY! by Gravis+Zero · · Score: 1

    Malware Targeted industries

    19% - High-tech
    17% - Financial services
    11% - Telecommunications
    10% - Federal government
    9% - Energy/Utilities/Petroleum refining
    6% - Aerospace/Defense/Airlines
    5% - Chemicals/Manufacturing/Mining
    etc...

    at long last we're in the popular crowd and those stupid jocks didn't even make the list! sweet justice is mine!

    now if you will excuse me, the floozies from back in high school are flocking my way.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:FINALLY! by Anonymous Coward · · Score: 0

      wtf is high-tech if aerospace isn't?

  6. "What you can't touch can't hurt you"... apk by Anonymous Coward · · Score: 0

    It's a big part of the "WHY" of why I built this application (since it not only blocks ads, good & bad/malicious script bearing - BUT, it also blocks KNOWN sites serving up malware/malscript + various forms of botnet C&C Servers too):

    ---

    APK Hosts File Engine 9.0++ 32/64-bit:

    http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

    (Details of hosts' benefits enumerated in link)

    Summary:

    ---

    A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775

    B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,

    C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

    ---

    * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein

    (Addons are more complex + slowup browsers in message passing (use a few concurrently - you'll see))

    ---

    ** "Less is more" = GOOD engineering!

    (Vs. slowing down SLOWER usermode browsers layering on MORE in addons which slow them down more: I work w/ what you have in kernelmode, via hosts - A tightly integrated PART of the IP stack itself)

    APK

    P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

    ...apkb

  7. Obvious by Anonymous Coward · · Score: 0

    Government and corporate goons have overreached their authority so much, and infringed on people's rights so much, that some kind of military conflict was bound to happen. Is it really that surprising that something like this is going on?

    I for one prefer a cyber war, over a real shooting war which my children would see with their own eyes.

    If the damn politicians and corporations would simply stop infringing on people's rights, there would be a lot less problems, and lower chance of conflict. DUH!

  8. "Cyber" war by davidshewitt · · Score: 1

    The term "cyber war" really annoys me. Let's save the use of the word "war" for conflict in which real people are killed and "weapon" for devices that are used to kill real people or destroy real property. I hate propaganda bullshit.

  9. exploit vendors by manu0601 · · Score: 1

    Of course there are links, there are even companies specialized in it