- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

Kaspersky Lab Uncovers More Evidence Linking NSA to Infamous Hackers

© REUTERS / Kacper Pempel/Files A man types on a computer keyboard
A man types on a computer keyboard - Sputnik International
Subscribe
Researchers from the Russia-based cybersecurity group Kaspersky Lab have uncovered more evidence tying the United States’ National Security Agency to a shadowy group of hackers.

The hacking collective, dubbed “Equation Group,” must have been sponsored by a nation-state with vast resources in order to operate, Kaspersky analysts assert.

The strongest evidence connecting the NSA to Equation Group is the string "BACKSNARF_AB25," which was embedded in a sample of the Equation Group cyberespionage platform known as "EquationDrug."

Hacking - Sputnik International
'Equation Group' Spyware Highly Effective, Culprit Hard to Identify

"BACKSNARF," according to page 19 of an undated NSA presentation that was obtained by Ars Technica, was the name of a project tied to the NSA's Tailored Access Operations.

“While the presence of the 'BACKSNARF' artifact isn't conclusive proof it was part of the NSA project by that name, the chances that there were two unrelated projects with nation-state funding seems infinitesimally small,” Dan Gooding of Ars Technica points out.

A new report published Wednesday by Kaspersky notes that timestamps stored inside the Equation Group malware showed that hackers almost exclusively worked Monday through Friday. Assuming they worked from 8 a.m. to 5 p.m., employees likely were working in the eastern part of the US.

It is unlikely the timestamps were intentionally manipulated, the report states, since the years listed in various executable files match the availability of computer platforms the files ran on.

elePHPant visits symantec - Sputnik International
Symantec Calls Equation Group’s Cyber Attacks State-Sponsored Espionage

Last month, Kaspersky revealed details about an Equation Group operation the led to some 500 infections in at least 30 countries, including Russia, Iran, Pakistan, Afghanistan, India and Syria. The operation targeted banks, foreign governments, embassies, energy and infrastructure, media, telecommunications sectors and Islamist groups.

While those revelations triggered media reports about the US National Security Agency being behind the espionage, Kaspersky has stopped short of ever saying Equation Group was the handiwork of the NSA.

Another connection is the similarity between Equation Group’s interdiction and that of the NSA, as evidenced in documents leaked by NSA whistleblower Edward Snowden.

According to Gooding, the Equation Group, regardless of what agency it is operating under, is “hands down the world's most advanced hacking operation ever to come to light.”

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала