How the NSA's Firmware Hacking Works and Why It's So UnsettlingWIREDMar. 02, 2015 |
'Woke' Google Fires 28 Employees Who Protested Gaza Genocide
Report: Blinken Sitting On Staff Recommendations to Sanction Israeli Military Units Linked to Killings or Rapes
America Last: House Bill Provides $26B for Israel, $61B for Ukraine and Zero to Secure U.S. Border
Bari Weiss' Free Speech Martyr Uri Berliner Wants FBI and Police to Spy on Pro-Palestine Activists
John Hagee Cheers Israel-Iran Battle as 'Gog and Magog War,' Will Lobby Congress Not to Deescalate
One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered. It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don’t get encrypted. Read More |