US government is now the biggest buyer of malware, Reuters reports

TheKid7 · May 12, 2013

US government is now the biggest buyer of malware, Reuters reports:

The US government is waging electronic warfare on a vast scale — so large that it's causing a seismic shift in the unregulated grey markets where hackers and criminals buy and sell security exploits, Reuters reports...........
Click to expand...

http://www.theverge.com/2013/5/10/4...-threatens-cybersecurity-former-officials-say

Special Report: U.S. cyberwar strategy stokes fear of blowback

(Reuters) - Even as the U.S. government confronts rival powers over widespread Internet espionage, it has become the biggest buyer in a burgeoning gray market where hackers and security firms sell tools for breaking into computers...........
Click to expand...

http://www.reuters.com/article/2013/05/10/us-usa-cyberweapons-specialreport-idUSBRE9490EL20130510

xxJackxx · May 13, 2013

TheKid7 said:

US government is now the biggest buyer of malware...
Click to expand...

I guess that means they don't know how to write their own...

guest · May 13, 2013

xxJackxx said:

I guess that means they don't know how to write their own...
Click to expand...

Hahaha..., that's somewhat true if we think about it. I'm pretty sure that they'll give people lots of the so-called legal excuses. Just hopefully no AV vendors will whitelist those government malware like Norton-FBI.

SweX · May 13, 2013

GrafZeppelin said:

Just hopefully no AV vendors will whitelist those government malware like Norton-FBI.
Click to expand...

Afaik every vendor do add protection against them. At least I have seen no reports so far that says otherwise.

guest · May 13, 2013

SweX said:

Afaik every vendor do add protection against them. At least I have seen no reports so far that says otherwise.
Click to expand...

Folks at Norton don't think so...

The FBI confirmed the active development of Magic Lantern, a keylogger intended to obtain passwords to encrypted e-mail and other documents during criminal investigations. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press. The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer, which is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan will log the PGP password, which allows the FBI to decrypt user communications. Symantec and other major antivirus vendors have whitelisted the Magic Lantern trojan, rendering their antivirus products, including Norton AntiVirus, incapable of detecting it. Concerns around this whitelisting include uncertainties about Magic Lantern's full surveillance potential and whether hackers could subvert it and redeploy it for purposes outside of law enforcement.
Click to expand...

Source: http://en.wikipedia.org/wiki/Norton_antivirus

mirimir · May 13, 2013

Most of this stuff uses zero-day exploits, right?

Baserk · May 13, 2013

Yep, it does. According to the article;

"My job was to have 25 zero-days on a USB stick, ready to go," said a former executive at a defense contractor that bought vulnerabilities from independent hackers and turned them into exploits for government use.
Click to expand...

Let's see how this offensive mindset plays out.
Like with the current 'online probing' of the main US industrial/energy sector by Iranfrom the Middle East, apparantly looking for potential sabotage targets instead of 'usual' IP theft victims. link.

Acknowledging the strategic trade-offs, former NSA director Michael Hayden said: "There has been a traditional calculus between protecting your offensive capability and strengthening your defense. It might be time now to readdress that at an important policy level, given how much we are suffering."
Click to expand...

(edit: In the Reuters article, Hayden comments on all attacks, not just the linked current affair).

CloneRanger · May 13, 2013

The US government is waging electronic warfare on a vast scale
Click to expand...

So they think it's OK for them, but Everybody else musn't do it Oh, & they don't see Any hypocrisy in complaining when they do

What a set of dingbats

J_L · May 13, 2013

This is just an extension of physical warfare that the U.S. is widely known for, due to their ideals.

RJK3 · May 14, 2013

CloneRanger said:

So they think it's OK for them, but Everybody else musn't do it Oh, & they don't see Any hypocrisy in complaining when they do
Click to expand...

That's their attitude to nuclear armaments and biological warfare, so it's no surprise.

xxJackxx · May 14, 2013

GrafZeppelin said:

Folks at Norton don't think so...
Click to expand...

Norton was never great with keyloggers. I don't have any of the samples anymore because they got deleted but a couple of years ago I had 25 keyloggers and loaded them all in a virtual machine with every AV I could get my hands on at the time. Kaspersky got 23 and Outpost Security suite got 22 of them. Nobody else came close, and Norton detected zero.

Again, I no longer have the files and those product versions would be outdated now so you don't have to give me any credibility on that statement if you don't want to. Just sharing what I found at the time.

Log in or Sign up

US government is now the biggest buyer of malware, Reuters reports

TheKid7 Registered Member

xxJackxx Registered Member

guest Guest

SweX Registered Member

guest Guest

mirimir Registered Member

Baserk Registered Member

CloneRanger Registered Member

J_L Registered Member

RJK3 Registered Member

xxJackxx Registered Member

Log in or Sign up

US government is now the biggest buyer of malware, Reuters reports

TheKid7 Registered Member

xxJackxx Registered Member

guest Guest

SweX Registered Member

guest Guest

mirimir Registered Member

Baserk Registered Member

CloneRanger Registered Member

J_L Registered Member

RJK3 Registered Member

xxJackxx Registered Member

Useful Searches