23rd January 2013
phyro

Quote:
Just asking? Don't you believe this was a media trick to hide on the Java and its browser plugin nightmare? The timing is a bit weird...
The timing is not really odd other than they were able to monitor the malware for long enough to figure out what it does and who it was affecting.

Chances are if we're only hearing about it now, DoD or DoHS or a similar agency has been aware of it and tracking it for some amount of time. Judging by the white paper released, someone spent a great deal of time figuring out how it works and what exactly it's doing.

There are more troubling issues than this, though, as it confirms that people/groups are going to great lengths to develop (AI) and/or target specific malware.

In Red October's case each target was specifically keyed; not only did it target a person, but the malware was capable of key logging, screenshots, transferring data and mapping entire networks.

The Java part was just "part" of the problem, just as some .dll files that were exploited to perform crypto on specific files/md5 hash tags and specific .pdf documents.

My question is: will networking tools and IDS ever be s.m.r.t enough to be able to detect complex malware such as this?

After all, in 5 years, EVERYTHING failed to catch it except a really bored human that was probably monitoring traffic manually. So the real question is ... "what else are we missing?" It's a good bet some little retard is sitting in his hole somewhere laughing like some demented mad professor.

Notice the silence of the "virus" giants in this matter? Kudos to Kaspersky!

Securelist has a complete breakdown of all 5 aspects of this wicked piece of malware:

http://www.securelist.com/en/analysi...tage_of_Attack

Last edited by phyro; 23rd January 2013 at 06:28 PM.