
NSA Hiding Undetectable Spyware in Hard Drives Worldwide

February 17th, 2015 | Pushpa Mishra | Malware, NSA, Privacy, Security, Surveillance

The US National Security Agency (NSA) hid undetectable spying software within the hard drives of computers of any make, says a Moscow-based cyber security researcher and software maker.

Personal computers (more than tens of thousands of them) in more than 30 countries were infected with one or more of the spying programs, said Kaspersky Lab, the Russian security software maker. The infections were most prevalent in Iran, Russia, Pakistan, Afghanistan, India, China, Mali, Syria, Yemen and Algeria and had been going on for more than a decade.


The spyware targeted government and military institutions, telecommunication companies, banks, research and defense institutions, nuclear research, media and Islamic activists.

The spies, dubbed the Equation Group by researchers because of their affinity for encryption formulae and algorithms, lodged malicious software in the obscure code called firmware. Disk drive firmware is a very valuable part of a PC, next to the BIOS, and it launches every time a computer is turned on.

“The hardware will be able to infect the computer over and over,” said Costin Raiu, the lead Kaspersky researcher.

Once lodged, the spies had complete control of the system. One of its malware platforms was capable of rewriting the hard drive firmware of the infected computers. It created a secret storage vault that could survive military-grade disk wiping and reformatting. The breach could not be detected even through layers of anti-virus programs.

Reuters reported that the group also used various means to spread the infection, such as compromising jihadi websites, infecting USB sticks and CDs, and developing a self-spreading computer worm [Fanny].

“It’s very dangerous and bad because once a hard drive gets infected with this malicious payload it’s impossible for anyone, especially an antivirus [provider], to scan inside that hard drive firmware. It’s simply not possible to do that,” he added.

The authors of the spying program must have had access to the proprietary source code directing the actions of the hard drives because it is almost impossible for someone to “rewrite the [hard drive] operating system using public information.”

“This is an incredibly complicated thing that was achieved by these guys, and they didn’t do it for one kind of hard drive brand,” Raiu said.

The operators of the still-active spying campaign could infect machines of any make, which include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd.

Western Digital spokesman Steve Shattuck denied sharing any source code with any government agencies.

Likewise, Seagate and Micron denied that their products could be compromised and said that they were quite secure against any tampering or reverse engineering.

Toshiba and Samsung declined to comment. IBM did not respond to requests for comment.

Although the firm declined to divulge the country behind the cyberespionage, it hinted that the country was linked to Stuxnet, the NSA-led cyberweapon that attacked Iran’s uranium enrichment facility and destroyed almost one-fifth of the country’s nuclear centrifuges.

A former NSA employee did confirm the lab’s analysis, while another intelligence operative agreed that the NSA had developed the technique of hiding spyware in hard drives.

However, NSA spokeswoman Vanee Vines declined to comment.

The company published the technical details of its research on Monday to help the infected institutions take preventive and corrective measures.

The disclosure may further tarnish and damage the NSA’s surveillance abilities, which have already been constrained following leaks of classified files by Edward Snowden, a former NSA contractor.
