NSA Used Simple Tools to Detect Other State Actors on Hacked Devices
Posted on 03/07/2018 5:17:25 PM PST by bitt
An analysis of leaked tools believed to have been developed by the U.S. National Security Agency (NSA) provides a glimpse into the methods used by the organization to detect the presence of other state-sponsored actors on hacked devices, and it could help the cybersecurity community discover previously unknown threats.
Over the past few years, a mysterious hacker group calling itself Shadow Brokers has been leaking tools allegedly created and used by the Equation Group, a threat actor widely believed to be linked to the NSA. The Shadow Brokers have been trying to sell Equation Group tools and exploits, but without much success. They say their main goal has been to make money, but many doubt their claims.
One of the sets of files leaked by the hackers last year, named Lost in Translation, includes a series of modules dubbed Territorial Dispute. Researchers at the Laboratory of Cryptography and System Security (CrySyS Lab) of the Budapest University of Technology and Economics in Hungary, who have been involved in the analysis of Duqu and other advanced persistent threats (APTs), have conducted an investigation and they determined that the Territorial Dispute tools are designed to detect the presence of other state-sponsored groups.
According to CrySyS, the tools are relatively simple; they search the targeted device for specific files, Windows registry entries, and other indicators of compromise (IoCs) associated with known APTs.
(Excerpt) Read more at securityweek.com ...
It’s pretty much a 100% certainty that NSA was monitoring Hillary’s server.
Sophisticated enough to know whether it was the CIA faking a Russian hack or Russia really hacking?
Duqu......Dooku......Palpatine’s revenge chat captured on FBI desktop.
They probably installed it for her.