Equation Group Creates "The Death Star Of Malware"
According to the Kaspersy Labs Global Research and Analysis Team (GREAT), one piece of malware has infected thousands of victims throughout the world. The team suggests that it may be possible that tens of thousands of victims have been infected with malware made by Equation APT, or The Equation Group, through a number of "implants" – otherwise known as Trojans. These infection points are called upon by Kaspersy to identify the spread. Kaspersy calls this team of hackers The Equation group – their real identities remain a mystery.
This system was likely initiated around 10 years ago, with one of the most malicious bits popping up in 2008. The computer worm called "Fanny" was discovered during the first discovery of Stuxnet through two zero-day exploits in computers throughout the Middle East and Asia.
Stuxnet, as you may remember, was said to originate with USA and Israeli governments back in 2011 and produced in 2012 for the public.
According to an unnamed "former NSA employee" speaking with Reuters, "Kaspersy's analysis was correct", that this newly discovered system used the Stuxnet LNK exploit and USB sticks.
What's NOT explicitly confirmed is whether or not it was the NSA who was behind this Fanny computer worm or any of the Equation Group's actions.
"The Equation group is a highly sophisticated threat actor that has been engaged in multiple CNE (computer network exploitation) operations dating back to 2001, and perhaps as early as 1996," said Kaspersy Lab's paper this week. "The Equation group is probably one of the most sophisticated cyber attack groups in the world; and they are the most advanced threat actor we have seen."
You can see the full paper "Equation Group: Questions and Answers" version 1.5 from February 2015 now via NetDNA and Kaspersky Lab HQ, 39A/3 Leningradskoe Shosse, Moscow, 125212, Russian Federation.
The following news report comes from Russia-based TBU news group and suggests that the United States has denied activities within the Equation Group.
Meanwhile the Kaspersky Security Analyst Summit has been taking place (between February 15th – 19th) in Cancun Mexico. Look at how dramatic!
Finally you'll see Kaspersky team member speaking about the news at the Security Analysis Summit on the subject: