Thread: Russian Info, Cyber and Disinformation (Catch all till 2017)

  1. #1
    Council Member
    Join Date
    Nov 2013
    Posts
    35,749

    Default

    "Guccifer 2.0" in message to @WSJ: “I won’t disclose my whereabouts for the safety reasons.”
    http://on.wsj.com/2aOc94O

    Guccifer releases more hacked info.....Hacker posts cell phone numbers of congressional Democrats

    Hacker reveals personal info for 193 Democrats. Hoyer, reached on cell posted on site, says breach is alarming.

    Guccifer 2.0 Twitter account has been suspended. That's the account alleging to have breached The Democratic Party's computer networks.
    Last edited by OUTLAW 09; 08-13-2016 at 04:48 PM.

  2. #2
    Originally posted by OUTLAW 09:
    "Guccifer 2.0" in message to @WSJ: “I won’t disclose my whereabouts for the safety reasons.”
    http://on.wsj.com/2aOc94O

    Guccifer releases more hacked info.....Hacker posts cell phone numbers of congressional Democrats

    Hacker reveals personal info for 193 Democrats. Hoyer, reached on cell posted on site, says breach is alarming.

    Guccifer 2.0 Twitter account has been suspended. That's the account alleging to have breached The Democratic Party's computer networks.

    US officials have mulled hitting Russians with sanctions over DNC hack, but so far they are treading carefully.

  3. #3
    Russian state hackers release small number of GOP emails to show 'no bias'. Mostly from Lindsey Graham (200% anti-Putin-Assad Senator)

  4. #4
    Appears that the second email data dump of the AKP emails by WikiLeaks contained an unusual amount of malware...

    https://github.com/bontchev/wlscrape...ter/malware.md

    Malware hosted by Wikileaks

    The following table contains the confirmed malware residing on the Wikileaks site. The list is by no means exhaustive; I am just starting with the analysis. But what is listed below is definitely malware; no doubts about it.

    The first column contains a link to the e-mail on the Wikileaks site that contains the malicious attachment. The e-mail itself is safe to view (although the text is usually spam/scam/phish/whatever).

    The second column contains the URL on the Wikileaks site where the malicious attachment to this e-mail message resides. Since this is a direct link (i.e., clicking it would result in the malware being directly downloaded to your PC), I have obfuscated the link by replacing "https" with "hxxxx" and putting square brackets around the dot in ".org", in order to make the link non-clickable. If you desire to download the malware and check for yourself that it is, indeed, malware, you can trivially deobfuscate the link - just, please, do be careful.

    The third column contains links leading to a VirusTotal page, showing how the different scanners are reporting the malware. Those are safe to click.

    Kudos to Hasherezade for making her tool VTScan for batch querying VirusTotal publicly available.

    Wikileaks e-mail | Wikileaks URL to the malicious attachment | VirusTotal analysis
    36138 | hxxxx://wikileaks[.]org/akp-emails/fileid/36138/20098 | F36CB35F410AB65958A6CCA846737A9C

    Continued as the list is long.....

    Apparently the hacker was not that well versed in not pulling the junk mail account or simply in a hurry OR Wikileaks was well aware of the malware and wanted to spread them.......
    Last edited by OUTLAW 09; 08-15-2016 at 07:54 AM.

  5. #5
    Mysterious entity claims it hacked Equation Group (likely NSA), dumps files, goes into rant. Potentially interesting
    https://twitter.com/shadowbrokerss

    Significant if true: Wikipedia referencing Kaspersky ties this APT group to the NSA/USG
    https://twitter.com/pwnallthethings/...60042790281216

  6. #6
    Russian antivirus firm faked malware to harm rivals

    http://www.reuters.com/article/us-ka...0QJ1CR20150814

    By Joseph Menn | SAN FRANCISCO

    Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.

    They said the secret campaign targeted Microsoft Corp (MSFT.O), AVG Technologies NV (AVG.N), Avast Software and other rivals, fooling some of them into deleting or disabling important files on their customers' PCs.

    Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said.

    "Eugene considered this stealing," said one of the former employees. Both sources requested anonymity and said they were among a small group of people who knew about the operation.

    Kaspersky Lab strongly denied that it had tricked competitors into categorizing clean files as malicious, so-called false positives.

    "Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing," Kaspersky said in a statement to Reuters. "Such actions are unethical, dishonest and their legality is at least questionable."

    Executives at Microsoft, AVG and Avast previously told Reuters that unknown parties had tried to induce false positives in recent years. When contacted this week, they had no comment on the allegation that Kaspersky Lab had targeted them.

    The Russian company is one of the most popular antivirus software makers, boasting 400 million users and 270,000 corporate clients. Kaspersky has won wide respect in the industry for its research on sophisticated Western spying programs and the Stuxnet computer worm that sabotaged Iran's nuclear program in 2009 and 2010.

    The two former Kaspersky Lab employees said the desire to build market share also factored into Kaspersky's selection of competitors to sabotage.

    "It was decided to provide some problems" for rivals, said one ex-employee. "It is not only damaging for a competing company but also damaging for users' computers."

    The former Kaspersky employees said company researchers were assigned to work for weeks or months at a time on the sabotage projects.

    Their chief task was to reverse-engineer competitors' virus detection software to figure out how to fool them into flagging good files as malicious, the former employees said.

    The opportunity for such trickery has increased over the past decade and a half as the soaring number of harmful computer programs have prompted security companies to share more information with each other, industry experts said. They licensed each other's virus-detection engines, swapped samples of malware, and sent suspicious files to third-party aggregators such as Google Inc's (GOOGL.O) VirusTotal.

    By sharing all this data, security companies could more quickly identify new viruses and other malicious content. But the collaboration also allowed companies to borrow heavily from each other's work instead of finding bad files on their own.

    Kaspersky Lab in 2010 complained openly about copycats, calling for greater respect for intellectual property as data-sharing became more prevalent.

    In an effort to prove that other companies were ripping off its work, Kaspersky said it ran an experiment: It created 10 harmless files and told VirusTotal that it regarded them as malicious. VirusTotal aggregates information on suspicious files and shares them with security companies.

    Within a week and a half, all 10 files were declared dangerous by as many as 14 security companies that had blindly followed Kaspersky's lead, according to a media presentation given by senior Kaspersky analyst Magnus Kalkuhl in Moscow in January 2010.

    When Kaspersky's complaints did not lead to significant change, the former employees said, it stepped up the sabotage.

    INJECTING BAD CODE

    In one technique, Kaspersky's engineers would take an important piece of software commonly found in PCs and inject bad code into it so that the file looked like it was infected, the ex-employees said. They would send the doctored file anonymously to VirusTotal.

    Then, when competitors ran this doctored file through their virus detection engines, the file would be flagged as potentially malicious. If the doctored file looked close enough to the original, Kaspersky could fool rival companies into thinking the clean file was problematic as well.

    VirusTotal had no immediate comment.

    In its response to written questions from Reuters, Kaspersky denied using this technique. It said it too had been a victim of such an attack in November 2012, when an "unknown third party" manipulated Kaspersky into misclassifying files from Tencent (0700.HK), Mail.ru (MAILRq.L) and the Steam gaming platform as malicious.

    The extent of the damage from such attacks is hard to assess because antivirus software can throw off false positives for a variety of reasons, and many incidents get caught after a small number of customers are affected, security executives said.

    The former Kaspersky employees said Microsoft was one of the rivals that were targeted because many smaller security companies followed the Redmond, Washington-based company's lead in detecting malicious files. They declined to give a detailed account of any specific attack.

    Microsoft's antimalware research director, Dennis Batchelder, told Reuters in April that he recalled a time in March 2013 when many customers called to complain that a printer code had been deemed dangerous by its antivirus program and placed in "quarantine."

    Batchelder said it took him roughly six hours to figure out that the printer code looked a lot like another piece of code that Microsoft had previously ruled malicious. Someone had taken a legitimate file and jammed a wad of bad code into it, he said. Because the normal printer code looked so much like the altered code, the antivirus program quarantined that as well.

    Over the next few months, Batchelder's team found hundreds, and eventually thousands, of good files that had been altered to look bad. Batchelder told his staff not to try to identify the culprit.

    "It doesn't really matter who it was," he said. "All of us in the industry had a vulnerability, in that our systems were based on trust. We wanted to get that fixed."
    Continued.......
    There has been and it was confirmed by their CEO that Kaspersky has close ties to the FSB at the CEO Level...BUT that is all....they claim they never share with the FSB....oh really......especially when now the FSB has unlimited abilities to monitor all Russian Internet movement......
    Last edited by OUTLAW 09; 08-15-2016 at 05:01 PM.

  7. #7
    Suit warns of Russian ‘back door’ into U.S. fingerprint systems
    http://www.sfgate.com/nation/article...witter-desktop

    Former execs of French firm that developed FBI fingerprint tech say it was made by the Russians & could be sabotaged
    http://www.sfgate.com/nation/article...-S-9140446.php

    BUT WAIT so do the Chinese when they hacked the entire OMB Security Clearance database complete with fingerprints......they stole the data of over 20M US citizens
    Last edited by OUTLAW 09; 08-15-2016 at 05:50 PM.

  8. #8
    Originally posted by OUTLAW 09:
    Mysterious entity claims it hacked Equation Group (likely NSA), dumps files, goes into rant. Potentially interesting
    https://twitter.com/shadowbrokerss

    Significant if true: Wikipedia referencing Kaspersky ties this APT group to the NSA/USG
    https://twitter.com/pwnallthethings/...60042790281216

    If this was Russia, it signals an unprecedented public escalation of the US-Russian cyber cold war.

    http://motherboard.vice.com/read/hac...cyber-cold-war

    Hack of NSA-Linked Group Signals a Cyber Cold War

    Written by Lorenzo Franceschi-Bicchierai, August 16, 2016 // 01:52 PM EST

    REMEMBER the two core key cornerstones of Russian non linear warfare are information warfare and cyber warfare....

    Taken from the active site
    https://twitter.com/shadowbrokerss


    Equation Group Cyber Weapons Auction - Invitation
    - ------------------------------------------------

    !!! Attention government sponsors of cyber warfare and those who profit from it !!!!

    How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.

    Picture Urls
    - ------------

    http://imgur.com/a/sYpyn
    https://theshadowbrokers.tumblr.com/
    https://github.com/theshadowbrokers/EQGRP-AUCTION
    Last edited by OUTLAW 09; 08-16-2016 at 06:47 PM.

  9. #9
    The main Twitter page link for theshadowbrokers has been disabled and removed.

    https://www.washingtonpost.com/world...mepage%2Fstory

    Powerful NSA hacking tools mysteriously surface online

    The release of the cache of files could pose severe consequences for the National Security Agency’s operations and the security of government and corporate computers. “Without a doubt, they’re the keys to the kingdom,” said a former employee who worked in the agency’s hacking division.

    Serious question now becomes for the ever reluctant Obama WH to confront Russia...WHEN will they have to actually push back with a very well thought through cyber attack to signal to Putin to "stand down"....

    We are now in a full scale cyber war that the Obama WH does not quite want to believe is possible....THAT happens when your opponent views you as a weak leader for never pushing back in eastern Ukraine and or in Syria and or in their constant INF nuclear violations...

  10. #10
    Originally posted by OUTLAW 09:
    Appears that the second email data dump of the AKP emails by WikiLeaks contained an unusual amount of malware...

    https://github.com/bontchev/wlscrape...ter/malware.md

    Malware hosted by Wikileaks

    The following table contains the confirmed malware residing on the Wikileaks site. The list is by no means exhaustive; I am just starting with the analysis. But what is listed below is definitely malware; no doubts about it.

    Apparently the hacker was not that well versed in not pulling the junk mail account or simply in a hurry OR Wikileaks was well aware of the malware and wanted to spread them.......

    Wikileaks Published Dozens of Malware Links in Email Dump
    http://gizmodo.com/wikileaks-publ
