Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Military Publicly Dumps Russian Government Malware Online (vice.com)

Posted by BeauHD on from the sharing-is-caring dept.

An anonymous reader quotes a report from Motherboard: This week, U.S. Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered. CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack U.S. systems: we may release your tools to the wider world. On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.

One of the two samples CYBERCOM distributed on Friday is marked as coming from APT28, a Russian government-linked hacking group, by several different cybersecurity firms, according to VirusTotal. Those include Kaspersky Lab, Symantec, and Crowdstrike, among others. APT28 is also known as Sofacy and Fancy Bear. The malware itself does not appear to still be active.

3 of 74 comments (clear)

  1. LMAO by LordWabbit2 · · Score: 4, Interesting

    I will laugh my ass off if the Russian's simply do the same thing and upload American malware, we already know from multiple sources that America is doing cyber war just as much as the Chinese and Russians etc. This is just a publicity stunt... although I have to admit I would like to take a look at them, disassemble them and see how they work. I took an in depth look at the Melissa virus back in the day (although that wasn't exactly hard, it was written in VBA) it did something that work wanted me to do, so I wanted to see how it did it. Horrible code, boggles the mind how it managed to spread and do so much damage with such shitty code. So I copied the one line of undocumented API code that it used, to do what I needed to do and the company anti-virus did not like it at all. So in a meeting I said "I can do what you want me to do, but you will have to switch off the anti-virus", yeah, that didn't fly. Rightly so, so we had to figure out another workaround.

    --
    There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
  2. Re: We need to keep perspective here by Anonymous Coward · · Score: 0, Interesting

    That would be awesome! But with a Republican controlled Senate, a lot of Republucan damage don't be undone.

    Expect a Trump caused recession in about 4 years and Tate Republicans blaming Obama and their sycophantic moronic hordes believing it.

  3. Meanwhile, 18 months ago... by Archtech · · Score: 4, Interesting

    "The Marble Framework - How the CIA Obfuscates and Pretends to be Someone Else"

    https://viableopposition.blogs...

    --
    I am sure that there are many other solipsists out there.