Tag Archive for: elite

FBI says it has sabotaged hacking tool created by Russia’s elite spies



Experts disabled the ‘Snake’ malware used by the FSB against US computers, in what could be a death blow to one of Moscow’s leading cyber espionage programs.


FBI says it has sabotaged hacking tool created by elite Russian spies


WASHINGTON: The FBI has sabotaged a suite of malicious software used by elite Russian spies, U.S. authorities said on Tuesday, providing a glimpse of the digital tug-of-war between two cyber superpowers.

Senior law enforcement officials said FBI technical experts had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.

“We assess this as being their premier espionage tool,” one of the U.S. officials told journalists ahead of the release. He said Washington hoped the operation would “eradicate it from the virtual battlefield.”

The official said the FSB spies behind the malware, known as Snake, are part of a notorious hacking group tracked by the private sector and known as “Turla.”

The group has been active for two decades against a variety of NATO-aligned targets, U.S. government agencies and technology companies, a senior FBI official said.

Russian diplomats did not immediately return a message seeking comment. Moscow routinely denies carrying out cyberespionage operations.

U.S. officials spoke to journalists on Tuesday ahead of the news release on condition that they not be named. Similar announcements, revealing the FSB cyber disruption effort, were made by security agencies in the UK, Canada, Australia and New Zealand.

Turla is widely considered one of the most sophisticated hacking teams studied by the security research community.

“They have persisted in the shadows by focusing on stealth and operational security,” said John Hultquist, vice president of threat analysis at U.S. cybersecurity company Mandiant. “They are one of the hardest targets we have.”

The U.S. government dubbed the disruption of Turla’s Snake malware “Operation Medusa.” The FBI and its partners identified where the hacking tool had been deployed across the internet and built a unique software “payload” to disrupt the hackers’ infrastructure.

The FBI relied on existing search warrant authorities to remotely access the Russian malicious program within victim networks in the U.S. and sever its connections.

The senior FBI official said the Bureau’s…


‘Our Conflict With Iran Is Unparalleled’, Say Israel’s Elite Cyber Unit Commanders – Israel News



O.MG Elite Cable has power of a $20,000 hacking tool; can compromise iPhone, Android, Mac, PC


Shown off at this year’s Def Con is an unassuming and powerful hacking tool, the O.MG Elite cable. With the physical appearance of a standard Lightning or USB-C cable, the hidden modifications mean this cable can log keystrokes, perform attacks, and even transmit data stealthily from air-gapped devices with its own WiFi network.

Seen by The Verge's Corin Faife at Def Con, here's how creator MG describes the creation:

“It’s a cable that looks identical to the other cables you already have,” explains MG, the cable’s creator. “But inside each cable, I put an implant that’s got a web server, USB communications, and Wi-Fi access. So it plugs in, powers up, and you can connect to it.”

One of the powerful things about the new O.MG Elite compared to its predecessors is that its advanced network features let it handle bidirectional communications.

O.MG Elite can perform attacks and read data that’s passed through the cable, say between iPhone and Mac, or almost any other combination of devices as it comes in Lightning to USB-A, Lightning to USB-C, C to C, and microUSB versions.

Creator MG says that up until now, a cable like this would have sold for as much as $20,000. But it's available from $180+ to early-access customers.

Attacks, keylogger, and built-in WiFi

O.MG Elite is able to carry out keystroke injection attacks, in which the cable makes a device think it's a keyboard typing commands. That opens up vulnerabilities like command line attacks.

“It also contains a keylogger: if used to connect a keyboard to a host computer, the cable can record every keystroke that passes through it and save up to 650,000 key entries in its onboard storage for retrieval later. Your password? Logged. Bank account details? Logged. Bad draft tweets you didn’t want to send? Also logged.”

X-ray highlighting the implanted chip in O.MG Elite

As noted by The Verge, a big part of how scarily capable this cable can be is the built-in WiFi to silently send back data to an attacker – even on air-gapped devices.

“Many ‘exfiltration’ attacks — like the Chrome password theft mentioned above — rely on sending data out over the target machine’s internet connection, which runs the…
