The latest threat report from Kaspersky suggests hard drives may have been spying on us for more than a decade. Infiltrating storage devices is just one component of the Equation Group, a "threat actor that surpasses anything known in terms of complexity and sophistication of techniques." The depressing news is outlined in this blog post by the security company.
According to the firm, the Equation Group comprises at least six trojans dating back to 2001. Systems have been infiltrated in over 30 countries, Kaspersky says, and some elements of the group likely remain undiscovered. "Solid links" also tie the Equation Group to Stuxnet and Flame trojans.
The Equation Group's capabilities reportedly include reprogramming the firmware of hard drives from every major brand. Once infected, drives can create hidden partitions, store data for future retrieval, prevent data from being deleted, and alter data that's being accessed. At least one of the trojans can potentially snoop passwords associated with full-disk encryption, as well. And, as if that weren't bad enough, it's basically impossible to determine whether a drive has been affected.
One of the trojans is designed to compromise machines that aren't connected to the Internet. It hides on USB flash drives, has the same hidden partition mojo, and can report back to the mothership when network conditions allow.
Although there's no mention of similar trojans for SSDs, anyone targeting mechanical storage probably isn't ignoring the solid-state alternatives. The entity behind the Equation Group appears to have sufficient resources and expertise to get into whatever it wants. More details are available in this SecureList post and this Q&A document (PDF).
|Samsung's Notebook 9 portables rock eighth-gen Core i7s||2|
|Thursday deals: a nice Z370 mobo, a huge VA display, and more||0|
|Rumor: Ryzen 2 set for Q1 2018 and a Fenghuang APU breaks cover||42|
|TR's 2017 Christmas giveaway: eight days left and counting||7|
|MSI gives Radeon RX Vega cards an Air Boost||22|
|Corsair's latest SO-DIMM kit takes 32 GB of DDR4 to 4000 MT/s||8|
|Report: Intel Inside co-marketing program will get a budget cut||32|
|Gingerbread House Day Shortbread||17|
|iMac Pro details and release date come into focus||49|
|Full disclosure: while I work for Intel; the opinions I express here are my own I think I understanding the issue you ran into. For the Braswell platf...||+36|