Malware Found On Major Hard-Drives

Security researchers at Kaspersky Labs have discovered spyware hidden within the firmware of hard-drives made by Seagate, Western Digital, Toshiba, Mircron and Samsung. Kaspersky Labs found victims in thirty different countries such as, China, Russia, and Iraq. The victims fall into multiple categories, such as governments, military, Islamic activists, and mass media.

The organization responsible for these attacks are called the Equation Group by Kaspersky. While researchers at Kaspersky have not disclosed the country that Equation belongs to, they have speculated that Equation Group are also be responsible of Stuxnet, a National Security Agency spy program targeting the Iranian nuclear program. Therefore closely linking the Equation Group and the NSA.

The spyware is able to collect and copy data of the infected computers and is activated when the infected PC starts. It also has the ability to map out the network of the infected computer.

Lead researcher states that this would not be possible without the source code of the hard-drives. By looking through the source code for vulnerabilities, the hard drives could be exploited. While many of the hard-drive manufacturers have commented that they would not release their source code, Equation Group still managed to acquire it.

victim map

Links:

https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf

-Zhi-Han Ling

Advertisements