Exploit This

Security News, Exploits, and Vulnerabilities.

USB threats from malware to miners

In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen. 98% of the dropped drives were picked up by staff and students, and at least half were plugged into a computer in order to view the content. For a hacker trying to infect a computer network, those are pretty irresistible odds.

Inside the EquationDrug Espionage Platform

EquationDrug represents the main espionage platform from the Equation Group. It’s been in use for over 10 years, replacing EquationLaser until it was itself replaced itself by the even more sophisticated GrayFish platform.

Equation Group: from Houston with love

In 2009, an international scientific conference on Energy and Space technologies was held in Houston. The organizers sent out a post-meeting CDROM. The disk used in the Houston attack represents a rare and unusual operation for the Equation Group.

A Fanny Equation: “I am your father, Stuxnet”

During our 2014 research into the Equation group, we created a special detection for the group’s exploitation library, codenamed “PrivLib”. To our surprise, this detection triggered a worm from 2008 that used the Stuxnet LNK exploit to replicate, codenamed Fanny.

Equation: The Death Star of Malware Galaxy

The Equation group is a highly sophisticated threat actor that has been engaged in multiple CNE (computer network exploitation) operations dating back to 2001, and perhaps as early as 1996. It is probably one of the most sophisticated cyber attack groups in the world.

%d bloggers like this: