Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Military Publicly Dumps Russian Government Malware Online (vice.com)

Posted by BeauHD on from the sharing-is-caring dept.

An anonymous reader quotes a report from Motherboard: This week, U.S. Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered. CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack U.S. systems: we may release your tools to the wider world. On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.

One of the two samples CYBERCOM distributed on Friday is marked as coming from APT28, a Russian government-linked hacking group, by several different cybersecurity firms, according to VirusTotal. Those include Kaspersky Lab, Symantec, and Crowdstrike, among others. APT28 is also known as Sofacy and Fancy Bear. The malware itself does not appear to still be active.

20 of 74 comments (clear)

  1. LMAO by LordWabbit2 · · Score: 4, Interesting

    I will laugh my ass off if the Russian's simply do the same thing and upload American malware, we already know from multiple sources that America is doing cyber war just as much as the Chinese and Russians etc. This is just a publicity stunt... although I have to admit I would like to take a look at them, disassemble them and see how they work. I took an in depth look at the Melissa virus back in the day (although that wasn't exactly hard, it was written in VBA) it did something that work wanted me to do, so I wanted to see how it did it. Horrible code, boggles the mind how it managed to spread and do so much damage with such shitty code. So I copied the one line of undocumented API code that it used, to do what I needed to do and the company anti-virus did not like it at all. So in a meeting I said "I can do what you want me to do, but you will have to switch off the anti-virus", yeah, that didn't fly. Rightly so, so we had to figure out another workaround.

    --
    There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    1. Re:LMAO by Anonymous Coward · · Score: 1, Insightful

      And here it is. The excuse.

      So we constantly heard about how if Russia is doing mean things on the internet, then where is the proof? Why don't they show us?

      Now they do, and it's "But America does it too!!!!!!!111111".

      If you haven't been paying attention, America's intelligence agencies have been getting their dirty laundry publicly posted online for about a decade thanks to the combined efforts of Assange, Russia, and Snowden. I don't think "Imagine if Russia did it too" is really much of a threat, when, well, that's exactly what they've been doing to weaken the US political for the last 10 years so that idiots like you can deflect from the growing problem of malicious online actions by Russia.

      Well done you fucking useful idiot for doing Putin's job for him. The US is both responding in kind here to Russian aggression AND proving their case, this is a good thing because we can now see it's not just made up speculation for the sake of getting more funding or some other conspiracy theory, though I'm sure the hardcore Putinistas will still claim it as such.

    2. Re:LMAO by MillionthMonkey · · Score: 1

      No, there are things the Americans don't do.

      The Russian government requires all software companies there to include whatever code they give them. You should never run closed-source software on your machine if a Russian company was involved.

    3. Re:LMAO by LordWabbit2 · · Score: 1

      No, there are things the Americans don't do.

      You may need to to elaborate.
      It seems like America is willing to do what ever it wants.
      Torture
      Chemical attacks
      Wrongful arrest.
      Illegally invading countries.

      Napalm and agent orange, FFS I mean where do Americans
      draw the line on what they will not do?

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    4. Re:LMAO by LordWabbit2 · · Score: 1

      You are the only nation to drop a nuke in anger, in war. Twice. On civilians. Children. The first I can understand, the second? Why? So you could play with your new toy?

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    5. Re:LMAO by LordWabbit2 · · Score: 1

      Like fighting for oil.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    6. Re:LMAO by Anonymous Coward · · Score: 1

      You do not have the slightest clue as to what life was like during WW2. Countries were totally destroyed. There were 60 million dead. Extermination camps that automated and optimized the most efficient way of killing people. There were no Geneva Convention or rules on the treatment of POW's. Although it is ironic because today the Geneva Convention would allow the immediate execution of any combatant not officially affiliated with the armed forces of a nation state.

      "On civilians. Children"
      In WW2 there was no difference between combatants and non-combatants. There were no smart bombs or laser guided missiles. Bombing raids were considered successful if 20% of the bombs dropped hit the intended targets. Pick up a fucking history book. WW2 was a total fight to the death for all sides.

      Fire bombing Tokyo caused more damage and killed more people than either of the nukes.
      "The first I can understand, the second? Why?" Because Japan didn't surrender after the first one. Is that concept to difficult to wrap you little head around? After the end of WW2 there were no German or Japanese regrouping to launch asymmetric warfare upon it's enemies. Why? Because the US had beat the resistance out of them. They were to busy just trying to crawl out of the rubble to start any trouble.

      Today's weak kneed give peace a chance pussies have never experienced a real war. A real war today would start with the systematic carpet bombing on every city with a population above 100. Trying to project today's societal norms to what was going on in the 1940's just exposes the ignorance of today's moral warriors and outraged snowflakes who are busy demanding their "safe spaces" so they can avoid anyone who might offend their tender sensibilities.

  2. Re:We need to keep perspective here by Anonymous Coward · · Score: 1

    Yes, help these people out. But after things have settled down begin looking at no-building zones in these places buried in woods with poor access for large vehicles and low water main pressures. Or, if you build there you truly are on your own, pioneer! Just like the mandates being set down for people who choose to keep building and living in Mississippi flood plains. The Feds have no money to keep bailing your asses out when your little escape island is going up in flames. Or underwater with the gars.

  3. Are US systems protected against these samples? by archer,+the · · Score: 2

    If not, talk about giving away the keys to the castle...

    1. Re:Are US systems protected against these samples? by 110010001000 · · Score: 1

      Yeah, really. What would happen if the Russians obtained these samples?

  4. Meanwhile, 18 months ago... by Archtech · · Score: 4, Interesting

    "The Marble Framework - How the CIA Obfuscates and Pretends to be Someone Else"

    https://viableopposition.blogs...

    --
    I am sure that there are many other solipsists out there.
    1. Re:Meanwhile, 18 months ago... by Archtech · · Score: 1

      The CIA is a US spy agency. That's their job.

      Why do people get offended when spies spy and immigration enforcement enforces immigration law?

      Who said anything about being offended? This thread's topic is about how "U.S. Cyber Command (CYBERCOM)" publicly dumped "Russian government malware online".

      If the topic is worth publishing, let alone discussing, there is surely an implication that it is bad for the Russian government to be creating and/or using malware.

      So I thought it would provide some context for people to know that Wikileaks had dumped US government malware online over a year earlier. Moreover, some of that US government malware is designed to camouflage online activity and make it look as though it came from a different country.

      Thus, for example, any apparent "Russian government malware" could possibly have been created and distributed by the CIA.

      Just saying.

      --
      I am sure that there are many other solipsists out there.
    2. Re:Meanwhile, 18 months ago... by Archtech · · Score: 1

      The CIA is a US spy agency. That's their job.

      Why do people get offended when spies spy and immigration enforcement enforces immigration law?

      As to the third sentence - why people get offended - you might ask those responsible for punishing alleged spies against the USA with long - including life - prison sentences, and even the death penalty. Ask the Rosenbergs https://en.wikipedia.org/wiki/..., or Robert Hansson https://www.voanews.com/a/a-13..., or many others.

      The customary view is that spying is perfectly normal and OK when done by our side, but wicked and criminal when done by others to us.

      --
      I am sure that there are many other solipsists out there.
  5. Why not by Anonymous Coward · · Score: 1

    The US's malware has been dumped already by the Shadow Brokers, we got nothing to lose at this point

  6. Well that makes perfect sense.. by 3seas · · Score: 1

    As an addiction the addicted have to do the things that keep their addiction feed. Hence cybersecurity must support the problem they claim to be against.

  7. Re: We need to keep perspective here by nasch · · Score: 2

    Not likely the people doing computer security are also trained firefighters so what do you suggest? They just stop doing their jobs until there are no bigger problems in the US?

  8. Re:Those voting machines are already sieve-like by Iwastheone · · Score: 2

    I've worked as an Election Inspector in NY State for the last 6 elections. In NYS a system of both electronic and redundant paper ballots are kept. After the polls close two printouts are created, and signed off by other inspectors. The paper ballots are sealed and accounted for before being sent to the local police station. Redundancy is very much necessary, and paper ballots are the 'proof' in case of any questionable results.

  9. Russian -linked cyber bollix by najajomo · · Score: 1

    Enough with this anti-Russian linked cyber bollix ..

  10. Suck it, moskals by benjfowler · · Score: 1

    Glad to see somebody taking these Russian bullies down a few pegs.

    Klepto-fascist Russia respects strength, and literally despises weakness. You earn their respect by drawing clear boundaries, and then punching them hard every time they step out of line.

    You have to keep your pimp hand strong with these backwards bitches. There's no reasoning with them, because they are not civilised people of good will. You can't talk to Putinists like you talk to (say) the Americans or Europeans.

  11. Re: We need to keep perspective here by Klaxton · · Score: 1

    What about the many indictments, plea bargains, and outright convictions of trump's flunkies? Mueller hasn't shown a fraction of what he has.