Russians Suspected of Uroburos Spy Malware
judgecorp writes "While Russia's political activity is center stage, its cyber-espionage apparently continues. Russian intelligence is strongly suspected of being behind the Uroburos malware which is targeting Western governments and commercial organizations. There are Russian-language strings in the code, and it searches its victims' systems for Agent BTZ, malware used in previous attacks believed to have been carried out by Russia."
to the NSA?
So any Google-translating script kiddie can make malware that puts the blame on Russia by just throwing random ruskie strings in and searching for alleged Russian virii?
Who came up with this scheme, the same person that talked about WMD in Iraq?
HTTP/1.1 400
Everyone is copying the US now. I wonder where Russia's GITMO will be?
No good deed goes unpunished.
No way dude, everyone knows that only real Russians know the Russian language therefore they are the only ones capable of inserting Russian-language strings in the code.
Everyone is copying the US now. I wonder where Russia's GITMO will be?
That's kind of cute. I take it that for you history begins in the year 2000 and is limited to the US?
Just as an FYI, Russia (nee Soviet Union) has been involved with espionage via computer for a very long time. One famous case:
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
"In Soviet Russia, computer attacks you!"
Which says a lot about our current computing environment - even Windows: one has to be a real expert (like PhD level) to find current exploits.
You can find exploits by stumbling upon them when doing something related to the exploitable functionality. Utilizing them requires skill, though.
Goodness, my "fellow" American hawks sure are itching for war with Russia. Unfortunately, I don't think this is the solution to domestic problems and the care and feeding of the media that they believe it will be.
I sincerely, sincerely hope that you're joking. Whatever problems the United States may currently face, it is nothing compared to the Gulag Archipelago of the Soviet System. And I think you will find that the current regime has no problem with "extraordinary rendition" to faraway places, either.
That's what it takes to infiltrate well secured computers and networks. For the most part though infiltrators rely on badly secured stuff these days. The Target invasion was possible due to poor security practices - which Target's own IT/security people warned management about.
Except that GP was not talking about copying the US' computer-based espionage operations, but the US' various illegal wars.
You know, there is a bit of a mess unfolding in Ukraine. There are pro-Russian and pro-European factions and the Russians are obviously supporting the former -- with a completely illegal show of force.
Less well known is that the pro-European factions supported by the West are largely far-right nationalists. Neonazis, pretty much. See, e.g. this piece by Max Blumenthal.
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
There are Russian-language strings in the code, and it searches its victims' systems for Agent BTZ, malware used in previous attacks believed to have been carried out by Russia
And this would make everyone believe that Russia would be so stupid as to put Russian language into the code? Bullshit. This is exactly what China or US or especially Pakistan or Iran would do to make it look Russian so as to start a fight between the greater powers. It's political bullshit intrigue 101, made so obvious. You can't trust anyone or anything nowadays. These governments are out of control on earth.
In the last, what?, ten years all of the exploits have been found by professional security researchers, spy organizations (Stuxnet), and other exploits were done by very serious experts who REALLY knew their shit.
Actually, what you are seeing is criminals taking over the exploitation of exploits; before it was hackers having fun and sending "it's my birthday" messages around, now it's serious criminals using exploits to steal serious money. These people don't advertise their finds, they use them to the fullest extent possible. When PhDs find an exploit you can be sure 90% of the time it's already known to criminals who have used it for a while.
If you wonder at the accuracy of that, just look around at how many viruses are out there and start counting the news reports for companies compromised.
DEMETRIUS: Villain, what hast thou done?
AARON: Villain, I have done thy mother.
Shakespeare invents 'your mom'
The problem is that there are -so many- weak links these days. Anything, be it the application, web server, backend server, DB server, Web browser, Web browser add-ons, OS, firmware, NIC firmware, router, switch, can have a weakness that can be easily exploited to cause a lot of issues. Air-gapping will help prevent those attacks, but I'm sure if it is a big organization wanting the data, rich enough to buy 0-day exploits from an auction, they are rich enough to have "boots on the ground" in a target country to perform physical attacks (sticking a USB flash drive into a machine and letting Autorun/Autoplay do the rest, for example.)
In the '90s, the computer industry had two choices, go the secure route, or go the cheap route. It is obvious how the industry went. Even languages that could offer provable security with known states are all but dead [1], so there is no way other than just keep patching holes, to have any semblance of solid security these days.
It would be nice to start from scratch. There are still ways to have provable states and know how a program will function, even with edge/corner cases. Similar with hardware. If we go with known good embedded operating systems, an attack on an IP stack will have limited consequences.
[1]: Ada may be ugly, but it does offer provable security.
The problem is that people have forgotten the atrocities of the Soviets. From "Moscow Fried Chicken" (the result of burning up refugees in Afghanistan) to the fact that leaving a country or a "zone" would mean a swift death for the person and their family, all the many atrocities done by the USSR or their puppets are history virtually forgotten since the Berlin Wall fell.
Instead, the focus is on how evil the US is... but I would recommend someone compare the days of living in the early to mid 1980s in west Germany compared to the DDR... things are relative. The US might get caught spying, but they are not sending troops to attack German citizens because they want to go visit a nightclub in France.
Yup, imagine how time wasting and frustrating it would be to insert Cyrillic lettering in strings in your typical UTF8 programming language. So I don't buy that Rusky argument at all.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
"It has Russian language strings in the code, so it must be Russian intelligence behind it!"
(facepalm) Really? This is an example of investigative prowess?
, .
I must be Russian. There are Russian language strings in my post.
Proverbs 21:19
No, I don't. I point people to it since it is both a good read and informative on many subjects that are discussed here, both directly and indirectly. If you read it you might understand.
I prefer to have informed discussions. Unfortunately that is often difficult here, especially on certain topics. If more people were better informed, and maybe left behind various fringe theories or ideas, the discourse would be more useful.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
The problem is that people have forgotten the atrocities of the Soviets...all the many atrocities done by the USSR or their puppets are history virtually forgotten since the Berlin Wall fell.
Maybe that's because the Soviets/USSR doesn't exist anymore, and hasn't since 1991. If you think Putin's regime is equivalent to the USSR, then you should probably do a re-fresh of your geo-political perspective.
Instead, the focus is on how evil the US is...
You're right! Instead, let's focus on the past evils of the USSR and ignore the more recent evils of the US. Forget the NSA...KGB! US invasion of Iraq? No no no! Soviet invasion of Afghanistan! Abu Ghraib was nuthin compared to Kolyma, Norilsk, or Vorkuta!!! USA! USA! USA!
Your strategy should really improve the credibility and moral authority of the US in the eyes of the rest of the world going forward. Why didn't someone think of this earlier?!?
Sir!
-- Put crudely, the world is an extremely large problem instance. (Russel/Norvig Artificial Intelligence)
No, I don't.
It was in your sig at one point.
The point being that I don't get any financial benefit, as you had asked. The fact that my sig had a link to the book's page on Amazon doesn't change that.
I have read it, and its relevance to TFS/TFA is about as close as Kevin Bacon is to Mary Pickford.
You must have missed my point about the long history of Russian involvement with espionage by computer, as shown in the book.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
The hacker in the book was working for the KGB. That is a direct relationship.
Are we done?
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
Putin is a former KGB officer (Lt. Colonel) who once referred to the fall of the Soviet Union as "the greatest geopolitical catastrophe of the century." Communist or not at this point, it almost doesn't matter. Call it the will to re-establish the Russian Empire. Putin likely sees himself as a latter-day Peter the Great, and is currently operating unchecked by a US executive branch and foreign policy apparatus that at best can be said to embody the culmination of Khrushchev's promise to "bury [the us] from within."
Do you not consider it fishy that Yeltsin, who was largely responsible for the dissolution of the Soviet union, and who was seen as having had the support of the US in doing so would "unexpectedly resign" to make way for a hardliner with strong ties to the intelligence services? There is a reason that people call his approach to governing "Soft Stalinism" -- Stalin was crushing opponents and literally airbrushing them out of history before Photoshop was remotely on the horizon.
Twenty million Ukrainians starved to death during forced collective farming in the first five-year plan of the Soviet Union. Leon Trotsky [Lev Bronstein] was a Ukrainian by birth (in much the same way that Joseph Stalin was a Georgian, the Bolshevik Revolution wasn't particularly Russian in nature). The animosity between Russian-speaking and non-Russian-speaking peoples in the Ukraine CANNOT be separated historically from the rise or fall of the Soviet Union, nor from the Crimean War when Russia first conquered Ukraine and brought it into its fold the first time -- hence why Trotsky was able to participate in the revolution at such a senior level, and why Ukraine was there to suffer so greatly so early under the Soviet system.
And regardless of any status of moral authority after the Iraq war, the fact that the US got involved in Iraq in the way we did doesn't take away from the issue at hand in Crimea now, any more than "But NSA!!!" makes actions by FSB (or, more likely, criminal organizations who have quid-pro-quo agreements with FSB) any less bad.
The problem is that there are -so many- weak links these days.
True, but so many of the big invasions, like the Target deal, use things that were securable, and that people (like their own security/IT people) said should be secured. Security is an endless software arms race, but the attackers usually take advantage of the defense's sloppiness or cost cutting. Even Stuxnet required some German engineer to unknowingly plant via a thumb drive.
Ada may be ugly, but it does offer provable security.
Ada has some definite advantages, like avoiding buffer overflows, but in and of itself can't guarantee security. I do agree though that using a language like that would be a big improvement.
Next time, note to self:
Defriend Russians before attack on vital strategic cooking interests.
-- Tigger warning: This post may contain tiggers! --
Sounds fishy. It SOUNDS like an American columnist came up with it out of his own head and forgot that Ukraine doesn't have southern democrats.
Complete Global Saturation!
Please define "illegal wars".
Lacking a mandate from the relevant institutions of international law; in the absence of a credible threat to national security; based entirely on circumstantial evidence, cherry-picked intel and plain fabrication; against the wishes of a large fraction of voters...
Take your pick.
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
when will Russia stop all these illegal wars?
As soon as they win them and declare they were not illegal. The winners write the history book after all.
That is also a direct relationship, is it not?
No, it's not.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
The problem is that American Exceptionalists pretend their shit doesn't stink. You want to talk about Stalin's gulags? Great! But then let's also talk about how the United States was formed by genocide, slavery, and conquering nations that hadn't attacked us. You want to talk current events, start by explaining how Putin is in the same universe as torturing, democracy overthrowing, murdering, invading, droning, innocent-imprisoning universe as George W. Obama?
Fair job of refuting GGP's assertion that "people have forgotten the atrocities of the Soviets".
I say "fair" because of your grossly exaggerated figures on the death toll in the Ukraine, and your insinuation that there was something "fishy" about Putin taking over after Yeltsin resigned. Yeltsin appointed Putin to be his Prime Minister, and also made it clear he wished Putin to succeed him.
I'm also not seeing much in your post in support of Putin's Russia being just like the old USSR, other than pointing to Putin's ambitions and his repressive methods. The fact is the Russian Federation is nowhere near as economically/militarily powerful or politically influential as the USSR during the Cold War. Not even close. Likewise, the level of murderous atrocities committed by the former USSR goes far far beyond any crimes perpetrated by the Russian Federation. Those that want to compare the wrongs of the USSR of the past to the wrongs of the US of the present are fools.
And regardless of any status of moral authority after the Iraq war, the fact that the US got involved in Iraq in the way we did doesn't take away from the issue at hand in Crimea now, any more than "But NSA!!!" makes actions by FSB (or, more likely, criminal organizations who have quid-pro-quo agreements with FSB) any less bad.
Quite true.
The winners write the history book after all.
It used to be like that in 19th Century, but that time is long gone ...
The USSR was nowhere near as powerful as the USSR that was presented via propaganda (from both sides). I would argue that Russia has much of Europe in a tighter noose now via natural gas exports than they did during Soviet days. Many of the gas lines also run through Ukraine by necessity, which is probably what this is really about as opposed to any feigned concern for Russian speakers in Crimea. It is true that Russia doesn't have as many satellites in its sway as it once did, but that's also largely to do with the evolution of the EEC to the EU as well as US and British pushes to get former Soviet states into NATO. However, while Russia doesn't have the political sway that it once did, that doesn't mean that regaining as much of that sway as possible isn't a motivator for Putin.
Regaining degraded national prestige and empire has been a motivating factor for both Hard and Soft dictators throughout history. Not to Godwin this, but the precursory actions in WWII involved annexation of German-speaking areas that were lost to the German Empire after WW1. Likewise, Mussolini laid claim to much of the non-European territories formerly held by the Roman Empire (There is a reason why he adopted the fasces and why man hole covers in Italy are stamped SPQR these days). I believe that it is short sighted to say that because Russia does not have the influence that it once did that Putin will not try and gain as much of it back as possible.
The major difference is that the USSR was an Ideology State, much like the United States is. It was meant to be the shining beacon for radical, revolutionary socialism and communism and as such enjoyed the support of left-wing workers' groups, academics and politicians around the world, whom they also supported in turn. The Russian Federation is a nation state based on the historical territory of a specific set of ethnic groups bound together by history, blood and language. It's much more like South Korea in that way, and that lack of ideological status is what will keep them from regaining Soviet-era sphere of influence. Beyond money, it isn't like anyone will be driven to spy for Russia these days who isn't a Russian. There are no Reds lurking in the halls of power looking for juicy secrets to pass to their ideological brothers in arms.
With regards to your initial points, I'll accept my overstatement on Ukrainian deaths. I had that number stuck in my head for a long time. I may have been confusing it with similar Chinese issues (Communism tends to kill large numbers of people via stupidity as well as malice). However, I don't think that Yeltsin stating that he chose Putin to be his successor can necessarily be taken at face value. If a stone-cold killer had one over on you, what would you do? The fishiness comes from the resignation as opposed to a coup. A coup can be attributed outright. The fact that Yeltsin resigned, put a former intelligence officer with ties to the legal and illegal oligarchy (many of whom were also former KGB officers who leveraged those positions for economic gain after the fall of the Soviet Union), who then was able to play a shell game of power to where he has been either President or Prime Minister since 1999, smacks of strong-arming to me. However, that is supposition. I'm not in possession of any intelligence on the matter that hasn't already been made public.
However, for the sake of comparison, since Putin assumed control of the Kremlin, the United States has been through 4 Speakers of the House (Gingrich, Hastert, Pelosi, Boehner) and 3 Presidents (Clinton, Bush, Obama). Obama will be out of office in 2016, but I am willing to bet that Putin will be around one way or another for some time to come. As the swap to Prime Minister showed, he is only limited by the conservativeness of his terms, not the number.
You know, there is a bit of a mess unfolding in Ukraine. There are pro-Russian and pro-European factions and the Russians are obviously supporting the former -- with a completely illegal show of force.
That is not accurate. There is a pro-Russia faction and a pro-Ukraine faction. The latter are those that have lived there not only all of their lives, but their relatives before them. The former are Russians that the USSR put into place to control the local population, but these people stayed AFTER the break-up of the USSR.
So, what you really have, are Russians vs. Ukrainians.
I prefer the "u" in honour as it seems to be missing these days.
I could do my own homework on this since I don't know what you're talking about, but I probably won't, so I'll just ask.
By "shoulder to shoulder" do you mean physically, that the two people were at the same event? That is, standing near each other in the same way that the executioner stands next to the condemned? The same way that Bush Jr. physically stood shoulder to shoulder with Obama?
Oh, the naivety... The winners are just less clearly defined now. Unless it comes to actual combat, that clears things up. Let's hope that doesn't happen.
Anyway, it seems like history will repeat again. Just like 1938. Diplomatic pressure, discussions, etc. right until the West is under attack. Oh, wow, how could that happen? Avoid war at all costs, sure, but find a good way to stop the conflict or don't be surprised later.
Oh, and focus on the facts. This is not the time to discuss whether the political shift in Ukraine was legitimate or not. Focus on the actual territorial claim. Right now Russia is trying to tear Crimea apart from the Ukraine by military means. Focus on this fact. Maybe Crimea should be part of Ukraine, maybe not, doesn't matter at all. The use of the military is the problem. Or just ignore it, fine. Just don't be surprised if it doesn't stop there.
Except that GP was not talking about copying the US' computer-based espionage operations, but the US' various illegal wars.
The story is about Russian hacking. Naturally the subject won't turn to Russian hacking, or even Russia's invasion of Ukraine, but to false allegations of "illegal" wars by the US. Typical, and a diversion.
So, which "illegal wars" is the US uniquely "guilty" of?
You know, there is a bit of a mess unfolding in Ukraine. There are pro-Russian and pro-European factions and the Russians are obviously supporting the former -- with a completely illegal show of force.
I've heard.
Less well known is that the pro-European factions supported by the West are largely far-right nationalists. Neonazis, pretty much. See, e.g. this piece by Max Blumenthal.
Yes, I'm familiar with Russian charges that they are going to fight fascists in another smaller neighboring country. That was the excuse to invade Finland. The charge is recycled to invade and take territory from Ukraine.
During the Stalin era, Soviet propaganda painted Finland's leadership as a "vicious and reactionary Fascist clique". Marshal C. G. E. Mannerheim and Väinö Tanner, the leader of the Finnish Social Democratic Party, were targeted for particular scorn. With Joseph Stalin gaining near-absolute power through the Great Purge of 1938, the Soviet Union changed its foreign policy toward Finland in the late 1930s. The Soviet Union began pursuing the reconquest of the provinces of Tsarist Russia lost during the chaos of the October Revolution and the Russian Civil War. The Soviet leadership believed that the old empire had ideal security and territorial possessions, and wanted the newly christened city of Leningrad to enjoy a similar security. -- Winter War
Yes, that is all too familiar.
As for Max Blumenthal, I'm aware of his work. I don't consider his views useful given their crank fringe attributes.
Are Mainstream Liberals Embracing Max Blumenthal’s ‘I Hate Israel Handbook’?
You can see the nonsense in his piece that you link to. As part of the "proof" he mentions "white supremacist banners and Confederate flags," but somehow passes over the British, French, Canadian, and other flags present. Does that mean that the Ukrainians are also secretly French, British, and Canadian too, or just crypto-Confederates? It contains no small bit of rubbish. He is a useful idiot making excuses for Russia's invasion.
Besides, if the concern that prompted the invasion really was fighting "fascism," why didn't Russia take care of their own neo-Nazi and fascist problems at home first? It isn't a small problem, and they have been letting it bleed into Ukraine.
Russian Neo-Nazis Are Now Beating Up Gays in Ukraine
Russia neo-Nazis jailed for life over 27 race murders
Russia: Far-Right Nationalists And Neo-Nazis March In Moscow
Viral Vigilantism: Russian Neo-Nazis Take Gay Bashing Online
Russian Neo-Nazis Made These Horrifying Videos of Anti-LGBT Attacks
The Russians seem to be good at finding fascism and fighting it in all their neighbors, not
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
I have no love for the Russians' handling of this, and said so clearly. But the post you originally replied to was emphatically not about Russian spying -- which, since the story as a whole is about that subject, made me wonder why you chose to post your old Cuckoo link specifically at that point in the thread.
Somewhere further down I replied to someone else what I consider "illegal war", hope you don't mind a bit of laziness (it's early where I am at) and let me just copy paste that:
Lacking a mandate from the relevant institutions of international law; in the absence of a credible threat to national security; based entirely on circumstantial evidence, cherry-picked intel and plain fabrication; against the wishes of a large fraction of voters...
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
The "illegal war" description doesn't fit Afghanistan at all, and not really Iraq either.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
That is pitifully stupid.
Now we're done.
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
The "illegal war" description doesn't fit Afghanistan at all, and not really Iraq either.
Really? So Iraq was a real threat to US national security? There were weapons of mass destruction after all? It has recently come to light that Powell's speech at the UN was less than 100% fabrication? A large majority of voters were in favour of it? No outlawed munitions were used?
I guess we're just living in too different universes to be able to get to any agreement here. No biggie, carry on.
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)