Slashdot Mirror
US Goverment Employees Targetted By New 'GovRAT' Malware (computerworld.com)
Security researchers have detected an upgrade to the GoVRAT malware, which targets government employees and bypasses antivirus tools using stolen digital certificates. An anonymous reader quotes Computerworld:
Through GovRAT, hackers can potentially steal files from a victim's computer, remotely execute commands, or upload other malware to the system... The malware features an additional function to secretly monitor network traffic over the victim's computer -- something with scary consequences. "If you're downloading something from a particular resource, the hackers can intercept the download and replace it with malware," said InfoArmor CIO Andrew Komarov on Friday.
Last year, InfoArmor said that earlier versions of GovRAT had attacked more than 15 governments around the world, in addition to seven financial institutions and over 100 corporations. The security researchers say GovRAT comes with "a stolen database of 33,000 Internet accounts, some of which belong to U.S. government employees," including names, email addresses and hashed passwords.
Last year, InfoArmor said that earlier versions of GovRAT had attacked more than 15 governments around the world, in addition to seven financial institutions and over 100 corporations. The security researchers say GovRAT comes with "a stolen database of 33,000 Internet accounts, some of which belong to U.S. government employees," including names, email addresses and hashed passwords.
Karma is a bitch, eh....
Yeah, thank Snowden for that.
Clinton is a part of the problem though, not part of the solution.
'Yep, hang him up high. Fuck that traitorous shithead.'
This comment says more about the writer than about Snowden.
Good job mods.
Wrong, faggot. The U.S. government revoked his passport, so he cannot leave.
Much easier to turn him into a RUSSIAN BOOGIEMAN when you make him stranded there, isn't it?
https://www.rt.com/usa/162144-...
That sounds like a suspiciously specific cause for a Dalek.
Ezekiel 23:20
Oh, wait, we do. The NSA. Their job should be to find these vulnerabilities, notify the vendor, and help keep us all safe. Too bad our current USA government is so corrupt simple things like this simply don't happen.
Because the NSA wants to use GovRAT themselves!
The NSA, GCHQ, CIA want to see who is looking for what on wide open, junk private sector contractor supported US gov networks.
The huge hope is that someone interesting will look for a project or name on a gov network and expose the real origins of such hidden information.
What really happened is the plain text US networks are left so wide open that anyone can log in and look around, save all data found in bulk, plain text or test malware on a huge scale. Why risk a live search and real time detection, just save it all.
For a honey pot to work the lid has to be kept off.
That exposed entire US gov sectors and all their contractors to some risk.
Other agencies see that gov bait as a wonderful tracking tool while fully protecting their own networks.
The other aspect is budgets, for US gov cyber budgets to grow, issues like this have to make it to the press and be fully reported on.
More cash for private sector contractors to track and fix the issues any US gov worker could as part of their job.
Spies and the private sector are enjoying the work load, over time, profits and results. All other US gov workers are just left to float around on open junk networks.
So the NSA is looking at everything, just not looking to protect anything.
Domestic spying is now "Benign Information Gathering"
Wrong.
That's Trump doing the tube-steak boogie
"GoVRAT malware, which targets government employees"
Slashdot is getting as bad as the rest of the technical press. As in choking on the words Microsoft Windows in relation to malware. If the NSA hadn't expended so much effort in diluting security on Microsoft Windows then we wouldn't be in this mess.