Slashdot Mirror


Researchers Tie Regin Malware To NSA, Five Eyes Intel Agencies

Trailrunner7 writes: Researchers at Kaspersky Lab have discovered shared code and functionality between the Regin malware platform and a similar platform described in a newly disclosed set of Edward Snowden documents 10 days ago by Germany's Der Spiegel. The link, found in a keylogger called QWERTY allegedly used by the so-called Five Eyes, leads them to conclude that the developers of each platform are either the same, or work closely together. "Considering the extreme complexity of the Regin platform and little chance that it can be duplicated by somebody without having access to its source codes, we conclude the QWERTY malware developers and the Regin developers are the same or working together," wrote Kaspersky Lab researchers Costin Raiu and Igor Soumenkov today in a published report. (Here is the Spiegel article.)

3 of 95 comments

  1. Real shocker by X.25 · Score: 5, Interesting

    And I thought it was IS/Russians/NKoreans/Aliens, because US and allies hold moral high ground and would never initiate actions which they themselves consider to be acts of war, right?

    http://www.wsj.com/articles/SB...

    After all, it's ok if they do it. It's only bad if terrorists, communists and perverts do it.

    Crying wolf and all that.

  2. A call for Write Protect by Technician · Score: 5, Interesting

    It is time to return to the Write Protect Switch. Passwords are no longer effective in preventing firmware alterations by hostile organizations.

    For those old enough to remember them, changing a BIOS required an EPROM burner and UV eraser. Changing CMOS settings required setting the write protect jumper.

    Early infections were restricted to Write Enabled floppies, hard drives for machines with them, and everything else was write protected.

    It is time to return to write protected firmware requiring physical access to alter.

    Our complacency with remote management is showing the error of our ways as we are compromised.

    --
    The truth shall set you free!
  3. Re:When will there be justice? by Anonymous Coward · Score: 5, Interesting

    General Alexander lied to Congress, denied NSA was spying on millions of Americans, pretended the NSA didn't have the technical ability. Has he been punished? Has he been found in contempt of Congress?

    No, he retired, set up a private company which banks pay tens of millions of dollars for some vague service, and the CTO of the NSA is involved as a consultant. In other words this is some NSA front company most likely. Yet another way for NSA to escape legal bounds.

    Tempora, the UK's massive full-take surveillance system, that the NSA queries using its UK base to avoid any legal questions in the US. The one they use to spy on British politicians, press and activists with the help of GCHQ (aka traitors to their democracy). Has any GCHQ staff been prosecuted for that? Quite the opposite, their agents in the Lords are busy trying to amend bills to make it legal!

    So who exactly is going to punish the NSA? Because every one of those politicians is in the database, and politicians who step out of line find their private lives leaked to the press.

    UKIP MPs are being targeted now, with their phone calls over the years, leaked. Who records phone calls of people just in case they become political MPs, then selectively leaks the most embarrassing ones? GCHQ and NSA, that's who.

    So no good people will make their way up the political ladder and no fix is possible.