Nation-state hacking kit ‘Flame’ had a second life, researchers say

Flame, the nation-state-developed malware kit that targeted computers in Iran, went quiet after researchers exposed it in 2012. The attackers tried to hide their tracks by scrubbing servers used to talk to infected computers. Some thought they had seen the last of the potent malware platform. Flame’s disappearance “never sat right with us,” said Juan Andres Guerrero-Saade and Silas Cutler, researchers with Alphabet’s Chronicle. On Tuesday at the Kaspersky Security Analyst Summit in Singapore, they showed that Flame hadn’t died, it had just been reconfigured. Tracing early components of Flame, Guerrero-Saade and Cutler found a new version of it that was likely used between 2014 and 2016. Flame 2.0 is “clearly built” from the original source code, but it has new measures aimed at eluding researchers, they wrote in a paper. The discovery shows how good source code dies hard, and that tracking its evolution can be a very long game […]

The post Nation-state hacking kit ‘Flame’ had a second life, researchers say appeared first on CyberScoop.


SAS 2019: 4 Stuxnet-Related APTs Form Gossip Girl, an ‘Apex Threat Actor’

Flowershop, Equation, Flame and Duqu appear to have a hand in the different phases of Stuxnet development, all working as part of an operation active as early as 2006.

Why Eugene Kaspersky keeps talking about ‘Project Sauron’

Kaspersky Lab founder and CEO Eugene Kaspersky says he’s figured out why the U.S. government hates his company. According to Kaspersky, his company’s research into a sophisticated, international cyber espionage operation that targeted government entities in Russia, Iran and Rwanda is the reason the Russian anti-virus maker has become a bogeyman for the U.S. government. He offered this reasoning in public comments Tuesday at a small event in London. His comments are the most detailed of Kaspersky’s multiple attempts to defend his company from allegations that the Moscow-based company acts as an intelligence collection tool for Russian spies. Kaspersky cited his company’s discovery of U.S. intelligence-related hacking operations, including those of the NSA-linked “Equation Group” and CIA-linked “Lamberts,” as the reason for the recent firestorm. He specifically emphasized the unveiling of one particular campaign — known as ProjectSauron or Strider — as a driving factor while also implying U.S. involvement with […]

The post Why Eugene Kaspersky keeps talking about ‘Project Sauron’ appeared first on CyberScoop.
