Keyword: duqu
-
Cybersecurity firm Kaspersky Lab announced that it has detected an intrusion into its own systems, and you'll never believe who the company thinks is behind it. CEO Eugene Kaspersky claims a nation-state hacked into his company's network in order to steal information about its technologies. The unidentified hackers exploited security flaws in Microsoft Software Installer files to infect Kaspersky's network with malware. Kaspersky is referring to the malware as "Duqu 2.0", because it appears to be tied to the same cybercriminals that used Duqu malware to attack Iran, India, France and Ukraine a few years ago. Back then, the hackers...
-
Sean Brian Townsend is an independent researcher in the field of information and computer security, a member and the spokesman of the Ukrainian Cyber Alliance. He explains how Kaspersky Lab and the FSB hacked and leaked the secret NSA tools under the guise of The Shadow Brokers hacker group. These leaks became the origin of WannaCry, NotPetya, and BadRabbit ransomware attacks. The editors of InformNapalm may not share the opinions of the authors in the [opinion] section, and do not alter the original style of the articles. Antivirus software – myths and reality. The activities of antivirus (AV) companies are...
-
The super-sophisticated malware that infiltrated Kaspersky Labs is more crafty than first imagined. We're told that the Duqu 2.0 software nasty was signed using legit digital certificates issued to Foxconn – a world-leading Chinese electronics manufacturer, whose customers include Microsoft, Dell, Google, BlackBerry, Amazon, Apple, and Sony. The code-signing was uncovered by researchers at Kaspersky Lab, who are studying their Duqu 2.0 infection. Windows trusts Foxconn-signed code because the Chinese goliath's certificate was issued by VeriSign, which is a trusted certificate root. Thus, the operating system will happily load and run the Foxconn-signed Duqu 2.0's 64-bit kernel-level driver without setting...
-
Earlier this spring, the cybersecurity firm Kaspersky was testing an advanced antivirus software on one of its computers when it stumbled on something big: As the Moscow-based company puts it, it was "one of the most skilled, mysterious and powerful" spy viruses in the world. The piece of software was so sophisticated that it left few traces. It didn't leave files on the disk drive, and to stay hidden, it burrowed inside a computer's kernel memory, which is the place where a computer's most basic software is kept. Kaspersky says it assigned a team to watch its movements, and the team...
-
Security experts have discovered a new data-stealing virus dubbed Flame they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign. It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus. The results of the Lab's work were made available on Monday. Schouwenberg said he did not know who built Flame. If the Lab's analysis is correct, Flame could be the third major cyber weapon uncovered after the Stuxnet virus...
-
Duqu, Stuxnet malware developed by same group. Posted on 20 Jan 2012 at 2:29pm. The infamous Trojan software Duqu and Stuxnet were developed by only one group of malware developers, according to Internet security firm Kaspersky Lab. In fact, Kaspersky said the malware development team could already have developed other malwares using the same platform that was flexibly adaptable to specific targets. Kaspersky released a report stating that Duqu and Stuxnet, as well as a number of malware discovered in 2011 were using a development platform called “Tilded,” citing the use of the tilde symbol (“~”) in many of these malware....
-
The Stuxnet virus that last year damaged Iran's nuclear program was likely one of at least five cyber weapons developed on a single platform whose roots trace back to 2007, according to new research from Russian computer security firm Kaspersky Lab. SNIP Stuxnet has already been linked to another virus, the Duqu data-stealing trojan, but Kaspersky's research suggests the cyber weapons program that targeted Iran may be far more sophisticated than previously known. Kaspersky's director of global research & analysis, Costin Raiu, told Reuters on Wednesday that his team has gathered evidence that shows the same platform that was used...
-
Computer virus similar to Stuxnet detected in Europe; designed to capture keystrokes and gain remote access; US issues public alert. WASHINGTON - First there was the Stuxnet computer virus that wreaked havoc on Iran's nuclear program. Now comes "Duqu," which researchers on Tuesday said appears to be quite similar. Security software firm Symantec said in a report it was alerted by a research lab with international connections on Friday to a malicious code that "appeared to be very similar to Stuxnet." It was named Duqu because it creates files with "DQ" in the prefix. The US Department of Homeland Security...
-
Washington, Oct.19 (ANI): Security researchers have detected a new Trojan, scarily similar to the infamous Stuxnet worm, which could disrupt computers controlling power plants, oil refineries and other critical infrastructure networks. The Trojan, dubbed "Duqu" by the security firm Symantec, appears, based on its code, to have been written by the same authors as the Stuxnet worm, which last July was used to cripple an Iranian nuclear-fuel processing plant, Fox News reports.