Slashdot Mirror
US Military Publicly Dumps Russian Government Malware Online (vice.com)
An anonymous reader quotes a report from Motherboard: This week, U.S. Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered. CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack U.S. systems: we may release your tools to the wider world. On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.
One of the two samples CYBERCOM distributed on Friday is marked as coming from APT28, a Russian government-linked hacking group, by several different cybersecurity firms, according to VirusTotal. Those include Kaspersky Lab, Symantec, and Crowdstrike, among others. APT28 is also known as Sofacy and Fancy Bear. The malware itself does not appear to still be active.
One of the two samples CYBERCOM distributed on Friday is marked as coming from APT28, a Russian government-linked hacking group, by several different cybersecurity firms, according to VirusTotal. Those include Kaspersky Lab, Symantec, and Crowdstrike, among others. APT28 is also known as Sofacy and Fancy Bear. The malware itself does not appear to still be active.
I will laugh my ass off if the Russian's simply do the same thing and upload American malware, we already know from multiple sources that America is doing cyber war just as much as the Chinese and Russians etc. This is just a publicity stunt... although I have to admit I would like to take a look at them, disassemble them and see how they work. I took an in depth look at the Melissa virus back in the day (although that wasn't exactly hard, it was written in VBA) it did something that work wanted me to do, so I wanted to see how it did it. Horrible code, boggles the mind how it managed to spread and do so much damage with such shitty code. So I copied the one line of undocumented API code that it used, to do what I needed to do and the company anti-virus did not like it at all. So in a meeting I said "I can do what you want me to do, but you will have to switch off the anti-virus", yeah, that didn't fly. Rightly so, so we had to figure out another workaround.
There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
If not, talk about giving away the keys to the castle...
"The Marble Framework - How the CIA Obfuscates and Pretends to be Someone Else"
https://viableopposition.blogs...
I am sure that there are many other solipsists out there.
Not likely the people doing computer security are also trained firefighters so what do you suggest? They just stop doing their jobs until there are no bigger problems in the US?
I've worked as an Election Inspector in NY State for the last 6 elections. In NYS a system of both electronic and redundant paper ballots are kept. After the polls close two printouts are created, and signed off by other inspectors. The paper ballots are sealed and accounted for before being sent to the local police station. Redundancy is very much necessary, and paper ballots are the 'proof' in case of any questionable results.