• @mvirts
    link
    English
    1691 year ago

    “the malware is written in the Visual Basic Scripting language.” is where I stopped 😹 lol at least we know the Russians are suffering.

      • @[email protected]
        link
        fedilink
        English
        91 year ago

        I had FF3 broken up into a few files and renamed and disbursed through the school network so I’d just pull them all into a local file at the computer I was working at in the lab and play during class. I thought I was the shit.

    • El Barto
      link
      English
      101 year ago

      Are they? Because if the worm is successfully spreading… 🤷

      It’s funny, though…

        • @Anomalous_Llama
          link
          English
          21 year ago

          They’ve been exporting their suffering to Ukraine the last few years as well.

    • @[email protected]
      link
      fedilink
      English
      -101 year ago

      I’m not following. VBScript seems like the right tool. Why would they use something else? They’re generally light years beyond US defense capabilities so there’s a real dearth of suffering on their side.

      Now if the joke is that they’re suffering because they have to use VBScript, I can get behind that

      • @mvirts
        link
        English
        191 year ago

        WScript.Echo “Just saying if I was invited onto a team intent on wreaking havoc upon our enemies, I would probably quit after 100 lines of calling windows apis in VBScript” & vbNewLine

          • @mvirts
            link
            English
            51 year ago

            Nothing wrong with that! VB isn’t fundamentally bad, I’m just accustomed to C family langs

  • TWeaK
    link
    fedilink
    English
    311 year ago

    Meanwhile if you load Baofeng software from a few years ago antivirus software today will ping out. It never used to ping out, such is the nature of zero days.

    Meanwhile Israel has been selling weapons grade hacking technology for decades, they’ve been directly linked to the assassination of Jamal Khashoggi as well as the Mexican cartels.

    Meanwhile Argentina happens to be the hub for zero day exploits, with a bunch of hackers inventing their own shit and selling directly to state actors or whoever will pay.


    The only way you can remain secure is to regularly install a fresh OS. Change my mind.

    • @Agent641
      link
      English
      491 year ago

      The only way to be truly secure is to throw your computer into the sea and return, naked and fearless, into the forest from whence we came.

      • Billegh
        link
        English
        51 year ago

        But what about the bears?!?

        • @Agent641
          link
          English
          101 year ago

          What part of ‘fearless’ dont you understand?

          • @ikidd
            link
            English
            21 year ago

            I’ve got naked down pat.

          • Remmock
            link
            fedilink
            11 year ago

            I got that nickname because I used to wear No Fear shirts in High School.

        • @Thranduil
          link
          English
          11 year ago

          Are they moon bears or saturn bears?

      • @[email protected]
        link
        fedilink
        English
        31 year ago

        This is just return to monke but more poetic… … I’m here for it.

        … Except for the bugs. I’d rather deal with software bugs than jungle bugs…

    • @[email protected]
      link
      fedilink
      English
      311 year ago

      Change my mind.

      Sure. Even regularly installing a new OS doesn’t necessarily keep you secure if someone wanted to discreetly install malware on your device. In addition to firmware-level rootkits that re-install themselves on fresh OSs (even platform-agnostic ones), it’s possible that someone might interdict whatever hardware is bought and implant it with additional small hardware that compromises it in some way.

    • Pons_Aelius
      link
      fedilink
      141 year ago

      Change my mind.

      In the end, if you are not of interest to a nation state hacker (or a member of a drug cartel) you have nothing to fear from the things you listed.

      But that won;t change your mind.

      • @[email protected]
        link
        fedilink
        English
        71 year ago

        Your incorrect assumption is that only cartels and nation states are using said software. Weaponized versions of this stuff are making their way to consumer levels where you just need to piss off the wrong person online. I don’t worry about the US government targeting me beyond normal levels; I worry about employers deploying spyware.

        • Pons_Aelius
          link
          fedilink
          -31 year ago

          I worry about employers deploying spyware.

          If you are using their equipment, it is not spyware and you should expect to be under surveillance when using it.

          If you are allowing them to install shit on your devices, the fault is all yours.

          • @[email protected]
            link
            fedilink
            English
            31 year ago

            Once again, you’re making incorrect assumptions. My concern is employers using the spyware we’re talking about without consent on devices they don’t control. Take a minute to think through before responding. Why would I be worried about either of the two things you mentioned?

    • @[email protected]
      link
      fedilink
      English
      51 year ago

      Unless you’re rotating accounts and not posting anything on the internet ever, going so far as to use an in-memory OS like Tails won’t protect you.

  • @A_A
    link
    English
    211 year ago

    (…) computer worm designed to spread from computer to computer through USB drives.

    • @7u5k3n
      link
      English
      341 year ago

      It absolutely works. My company spends a ton of time and resources in an attempt to prevent folks from plugging in random USB drives. Classes to user restrictions. Amazing how some folk are.

      • nakal
        link
        fedilink
        101 year ago

        Of course, but OP wanted to implicate that this worm stays local in a network. You need an USB stick to carry it over.

        • @[email protected]
          link
          fedilink
          English
          111 year ago

          I’m pretty sure the word you want is “imply.” Although what the Russians are doing with corrupt USBs is a crime, OP isn’t implicated in it.

        • @A_A
          link
          English
          21 year ago

          This is just about right :
          in fact I wanted to know how we are exposed (or not exposed) to this. …to know what we have to do to limit exposure.

        • @7u5k3n
          link
          English
          11 year ago

          Absurd! They could be missing out on so much potential profit!

        • @7u5k3n
          link
          English
          21 year ago

          Lmfao I’ll pass that along.

  • TWeaK
    link
    fedilink
    English
    101 year ago

    Also, would this be the same group that hacked the Socchi Winter Olympics, soon after Russia was banned? The one that the US indicted and labelled as a “petulant child”?

        • @[email protected]
          link
          fedilink
          English
          31 year ago

          Correct. That’s what I called out with my second link. Your question was whether Gamaredon did Olympic Destroyer.

          • TWeaK
            link
            fedilink
            English
            31 year ago

            Ah I get what you’re saying. Would be more helpful if lemmy presented more than one comment in context when replying.

            • @[email protected]
              link
              fedilink
              English
              31 year ago

              I thought it was a really valuable question! There are several Russian APTs and you made me question my understanding of the attack. I had to reread some stuff to make sure I could answer you properly.

              • TWeaK
                link
                fedilink
                English
                21 year ago

                I mean I was mainly joking and shoehorning in another story I knew a bit more about, but thank you for the other links for me to read :)

  • AutoTL;DRB
    link
    fedilink
    English
    61 year ago

    This is the best summary I could come up with:


    A group of Russian-state hackers known for almost exclusively targeting Ukranian entities has branched out in recent months either accidentally or purposely by allowing USB-based espionage malware to infect a variety of organizations in other countries.

    “Gamaredon continues to focus on [a] wide variety [of] Ukrainian targets, but due to the nature of the USB worm, we see indications of possible infection in various countries like USA, Vietnam, Chile, Poland and Germany,” Check Point researchers reported recently.

    The image above, tracking submissions of LitterDrifter to the Alphabet-owned VirusTotal service, indicates that the Gamaredon malware may be infecting targets well outside the borders of Ukraine.

    The data suggests that the number of infections in the US, Vietnam, Chile, Poland, and Germany combined may be roughly half of those hitting organizations inside Ukraine.

    The core essence of the Spreader module lies in recursively accessing subfolders in each drive and creating LNK decoy shortcuts, alongside a hidden copy of the “trash.dll” file.

    “Comprised of two primary components—-a spreading module and a C2 module—it’s clear that LitterDrifter was designed to support a large-scale collection operation,” Check Point researchers wrote.


    The original article contains 744 words, the summary contains 185 words. Saved 75%. I’m a bot and I’m open source!

    • @nosnahc
      link
      English
      101 year ago

      You’re on lemmy but not using Linux?!?!!??! Wtf are you?! /s

        • @A_A
          link
          English
          01 year ago

          Nice joke 😋🤣 ! with the Macintosh. (since it is Windows, yes, you are protected).

          … read it yesterday and today again and only now I got it. Well, I am quite slow on the uptake for jokes 😆.