Hacking & Spying
Get flash to fully experience Pearltrees
Gamma Group Gamma Group markets its FinFisher surveillance product to governments, but researchers say it may be used more broadly. Facebook Twitter Google+ Save E-mail Share Print It is one of the more elusive commercial cyberespionage tools available. It is marketed as a way for governments to spy on criminals. And for over a year, virus hunters unsuccessfully tried to track it down.
A security firm said Thursday that it had discovered what it believed was the fourth state-sponsored computer virus to surface in the Middle East in the last three years, apparently aimed at computers in Lebanon. The firm, Kaspersky Lab, said that the virus appeared to have been written by the same programmers who created Flame, the data-mining computer virus that was found to be spying on computers in Iran in May, and that it might be linked to Stuxnet, the virus that disrupted uranium enrichment work in Iran in 2010. The latest virus, nicknamed Gauss after a name found in its code, has been detected on 2,500 computers, most in Lebanon, the firm said.
<img class="aligncenter size-full wp-image-59501" title="Predator cockpit_s" src="http://www.wired.com/images_blogs/dangerroom/2011/10/Predator-cockpit_s.jpg" alt="" width="600" height="400" /> A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones. The virus, first detected nearly two weeks ago by the military’s Host-Based Security System , has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.
Who knew that when the Messiah arrived to herald the Day of Judgment he’d first root through computers to steal documents and record conversations? That’s what Mahdi, a new piece of spyware found targeting more than 800 victims in Iran and elsewhere in the Middle East, has been doing since last December, according to Russia-based Kaspersky Lab and Seculert , an Israeli security firm that discovered the malware . Mahdi, which is named after files used in the malware, refers to the Muslim messiah who, it’s prophesied, will arrive before the end of time to cleanse the world of wrongdoing and bestow peace and justice before Judgment Day. But this recently discovered Mahdi is only interested in one kind of cleansing – vaccuuming up PDFs, Excel files and Word documents from victim machines.
It’s early February in Cancun, Mexico . A group of 60 or so financial analysts, reporters, diplomats, and cybersecurity specialists shake off the previous night’s tequila and file into a ballroom at the Ritz-Carlton hotel. At the front of the room, a giant screen shows a globe targeted by crosshairs. Cancun is in the center of the bull’s-eye. A ruddy-faced, unshaven man bounds onstage. Wearing a wrinkled white polo shirt with a pair of red sunglasses perched on his head, he looks more like a beach bum who’s lost his way than a business executive.
Illustration by Robert Neubecker. The news on Wednesday sounded like the setup for a lame Silicon Valley joke. Russian hackers stole 6 million passwords from LinkedIn . Did they mistranslate “ world’s largest professional network ” as “professional network that people actually use”? Where will they strike next, Google+? What are they going to do now that they’ve hacked all of those accounts, sell a bunch of résumés on the black market?