Good Hunting... from Varmint Al
Posted on 12/20/2020 2:00:33 PM PST by ATOMIC_PUNK
White House National Security Council establishes unified group to coordinate response across federal agencies to the threat. FireEye, which last Sunday disclosed a compromise at network management software vendor SolarWinds that allowed an unknown attacker to distribute malware to potentially thousands of organizations, has identified a killswitch that it says would prevent the malware from operating on infected networks.
But in networks where the attackers might have already deployed additional persistence mechanisms, the killswitch will not remove the threat from victim networks, according to the security vendor.
FireEye on Sunday said that an investigation it was conducting into a breach of its own network last week uncovered a threat actor widely distributing a backdoor dubbed SUNBURST by hiding it in legitimate updates of SolarWinds' Orion network management technology.
SUNBURST (SolarWinds.Orion.Core.BusinessLayer dot dll) is a sort of first-stage Trojan that the attackers were using to drop additional payloads for escalating privileges, lateral movement, and data theft on infected networks, FireEye explained. The stealth, planning, and precision with which the attack was executed had all the hallmarks of a nation state-backed actor, the vendor said. FireEye is currently tracking the threat actor as UNC2452, but says it has not been able to identify whether and on whose behalf it might be operating.
Security experts as well as some members of Congress who received classified briefings on the attack, point to Russia as the likely perpetrator.
This story reminds me of Marcus Hutchins . He was a hacker who was pushed into doing bad things but redeemed himself by discovering the kill switch for a truly wicked virus.
12/16. Outdated.
Good Hunting... from Varmint Al
β...SUNBURST (SolarWinds.Orion.Core.BusinessLayer dot dll) is a sort of first-stage Trojan that the attackers were using to drop additional payloads for escalating privileges, lateral movement, and data theft on infected networks, FireEye explained....
...Security experts as well as some members of Congress who received classified briefings on the attack, point to Russia as the likely perpetrator....β
***************************************************************
Of course itβs Russia, Russia, Russia. Why would we ever suspect China. The Chinese would NEVER be interested in stealing sensitive data and information from us. /SARC
So, what he did was to fly into town, setup in a fancy hotel and hack away. After a few days or a week he would surface at the plant and call a meeting with local management, IT and security. He'd brief them on if and how he penetrated into their networks and what he could see, change or steal. Corporate used the detail information to plug security holes.
So, it sounds like there isn’t any evidence that it was Russia. It’s just who they want it to be.
Marcus Hutchins, born in 1994-5, also known online as MalwareTech, is a British computer security researcher known for temporarily stopping the WannaCry ransomware attack. He is employed by cybersecurity firm Kryptos Logic. Hutchins is from Ilfracombe in Devon.
Doesn’t do that to mine sounds like you may already have a malware problem !
While at the University of Arizona I knew a hacker who busted into the system simply to have game time. He eventually got caught but ended up being hired as a security expert somewhere.
It does not do that to me. VirusTotal shows the site as clean.
You might be logged into Facebook, Twitter, or LinkedIn (or another Microsoft site)
Each of those have a plug in to send out the link to friends on that page.
You are likely your own problem.
#4 I see it in Firefox. Not the full address.
It does not display in Edge, Chrome or IE11
I don’t want to say it’s China but its China. π
The hacker is unknown.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.