German Parliament May Need To Replace All Hardware and Software To Stop Malware
jfruh writes: Trojan spyware has been running on computers in the German parliament for over four weeks, sending data to an unknown destination; and despite best efforts, nobody's been able to remove it. The German government is seriously considering replacing all hardware and software to get rid of it. From the ITWorld article: "After the attack, part of the parliament’s traffic was routed over the federal government’s more secure data network by the Federal Office For Information Security, Der Spiegel reported. Some Germans suspect that the Russian foreign intelligence service SVR is behind the attack. On Thursday, the parliament will discuss how to address the situation."
They'll replace everything, then one person will plug in their phone over USB to put some emails on their new workstation and it'll begin all over again.
'The Greens in the German parliament want the Foreign Ministry to revert back to open source software solutions on its workstations. The ministry in 2010 abandoned its open source desktop strategy, pressured by staffers struggling with interoperability problems. The Greens are now asking the ministry to justify the proprietary licence costs it has made since then.'
Ok so a machine came into the shop with a pile of BHOs and other malware. I did the normal scans, found 96 of them, cleaned them up and everything ok. A specific malware site came back. Now I did rootkit scans, in depth scans. Nothing found but Chrome and Firefox were clean, only IE 10 suffered.
Busting my brains on this, I set home page to be null. Worked ok except when IE was restarted. Nothing in the registry, services, hidden files/folders that could account for this. Every time I started IE, back it came.
So thinking logically I realised that there was no malware on the system and that IE was calling it somehow when it loaded. A few minutes later I discovered that the shortcut link was appended with an http address to the malware site! A very simple infection that no amount of scanning could fix.
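The shortcut tampering described in the comment above can be audited directly by reading each `.lnk` file's target and arguments. The following PowerShell sketch is an added example, not part of the original comment; the list of browser executables, the folders scanned, and the constructed demo shortcut (pointing at the placeholder `hijack.example`) are assumptions.

```powershell
# Added example: flag browser shortcuts whose launch arguments carry a URL.
# Assumed, not from the page: the browser list, the scan folders, the demo shortcut.
$browserExes = 'iexplore.exe', 'chrome.exe', 'firefox.exe', 'msedge.exe'
$shell = New-Object -ComObject WScript.Shell

function Get-SuspiciousBrowserShortcut {
    param([string[]]$Path)
    Get-ChildItem -Path $Path -Filter *.lnk -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            # CreateShortcut() on an existing file only reads it unless Save() is called.
            $lnk = $shell.CreateShortcut($_.FullName)
            # GetFileName tolerates the empty TargetPath of non-file shortcuts.
            $exe = [System.IO.Path]::GetFileName($lnk.TargetPath)
            if ($browserExes -contains $exe -and $lnk.Arguments -match '(?i)\b(https?|ftp)://') {
                [pscustomobject]@{
                    Shortcut  = $_.FullName
                    Target    = $lnk.TargetPath
                    Arguments = $lnk.Arguments
                }
            }
        }
}

# Constructed sample: a shortcut that mimics the tampering, written to a temp folder.
$demo = Join-Path $env:TEMP 'lnk-audit-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
$bad = $shell.CreateShortcut((Join-Path $demo 'Internet Explorer.lnk'))
$bad.TargetPath = 'C:\Program Files\Internet Explorer\iexplore.exe'
$bad.Arguments  = 'http://hijack.example/'   # placeholder URL
$bad.Save()

# Places where browser shortcuts usually live, plus the demo folder.
$scanRoots = @(
    $demo
    [Environment]::GetFolderPath('Desktop')
    (Join-Path $env:PUBLIC 'Desktop')
    (Join-Path $env:APPDATA 'Microsoft\Windows\Start Menu')
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu')
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')  # includes pinned taskbar items
)

Get-SuspiciousBrowserShortcut -Path $scanRoots | Format-List
```

A hit is a prompt for review rather than proof of tampering, since some legitimate shortcuts (site or web-app launchers) also pass a URL as an argument.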