NSA Reprograms Disk Firmwares

NSA official seal
Researchers at Kaspersky Lab have uncovered a cyberespionage group that has been operating for at least 15 years, infecting thousands of computers all around the world, and has  supported the attackers behind Stuxnet and Flame.

 

It is understood that this group is in fact the NSA. However the researchers not wanting to call names, have dubbed it  “The Equation Group”.

 

One malware designed by the NSA, GRAYFISH, has a module that is able to infect  the hard drive (HDD) firmware. This capability gives it extreme persistence since it can survive disk formatting and OS reinstall.

 

The researchers say : ” HDD firmware reprogramming module is extremely rare. During our research, we’ve only identified a few victims who were targeted by this module. This indicates that it is probably only kept for the most valuable victims”.

NO COMMENTS

LEAVE A REPLY