Overclock.net › Forums › Industry News › Technology and Science News › [Ars] Black ops: how HBGary wrote backdoors for the government
[Ars] Black ops: how HBGary wrote backdoors for the government  

post #1 of 17
Thread Starter 
Quote:
On November 16, 2009, Greg Hoglund, a cofounder of computer security firm HBGary, sent an e-mail to two colleagues. The message came with an attachment, a Microsoft Word file called AL_QAEDA.doc, which had been further compressed and password protected for safety. Its contents were dangerous.
...

Given the number of rootkits apparently being developed for government use, one wonders just how many machines around the globe could respond to orders from the US military. Or the Chinese military. Or the Russian military.

While hackers get most of the attention for their rootkits and botnets and malware, state actors use the same tools to play a different game—the Great Game—and it could be coming soon to a computer near you.
Source

It's a really long article and contains elements of politics, but I posted it since it's an interesting read and gives an insight into the corporate side of cyber warfare.
post #2 of 17
TL; WR

Looks interesting with the excerpt.
post #3 of 17
Yeah, I have software/OS called BackTrack 4. It's a Linux OS derived from Ubuntu that's loaded with tools for hacking/programming/packet sniffing, editing/wireless cracking/and password brute-forcing. Problem is, it is freeware due to the fact it's based off of Linux.

But who's to say it isn't laced with code meant to track the activity of its "end user"?

I have used it to retrieve data from damaged hard drives and to crack my mother's Wi-Fi since the cable company entered the wrong password and a factory reset would not let us use the wireless. It worked great, but I wonder how much of that information was being logged or transmitted elsewhere?

It's no secret that our government, as well as every other major world power, has used and will continue to use cyber warfare.

In fact, go to YouTube and search for "DEF CON". It's an annual hacker convention held in Las Vegas, Nevada every year. It's home to the best and brightest hackers in the industry.
A large majority of those hackers are United States Navy/Marines/Air Force/and other government entities.

Moral of the story is any computer connected to the internet is "not safe".
There are thousands of exploits, payloads, protocols that can be used to attack pretty much any machine with a network adapter.

There are some things one can do to better secure his/her machine.

One bit of advice I could share is get a network monitor. I like NsAuditor, but eventually you have to pay for the serial key for it. Another method is to use the command prompt to do a netstat command to see all connections to your machine.

If you're not sure how to use netstat, simply type netstat /? then hit Enter. It will give you hints on which arguments to employ after the netstat command.

If you see something suspicious, do a tracert on the suspected IP, then an nslookup.

And never ever click unknown links in a messenger or e-mail, and never surf the web; only browse known trusted sites. If you do encounter a site you're not sure about, just Google statistics for the site before you load the page.

Hope this helps somewhat.
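The netstat triage the post above describes can be scripted so the review is repeatable. The following is an added example, not code from the poster or from any tool named in the thread. It parses `netstat -ano` output in the Windows layout (the sample text is constructed here; the addresses come from RFC 1918 and RFC 5737 documentation ranges, not real hosts), lists established sessions to non-local peers on unexpected ports, and adds a cross-view check: flows that a router or firewall sees but the host's own netstat does not report. That second check exists because, as the thread starter points out further down, a rootkit that hides from the host's tools cannot also hide from a device outside the host, although beacons blended into ordinary HTTPS traffic will still not stand out. The `expected_ports` allowlist and the router flow tuples are assumptions chosen for the example.

```python
"""Triage netstat -ano output and cross-check it against an external flow list."""
import ipaddress
from dataclasses import dataclass

# Constructed sample of `netstat -ano` output (Windows layout). Addresses are
# taken from RFC 1918 / RFC 5737 documentation ranges; nothing here is a real host.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       876
  TCP    127.0.0.1:49152        127.0.0.1:49153        ESTABLISHED     1204
  TCP    192.168.1.10:49811     203.0.113.5:443        ESTABLISHED     4520
  TCP    192.168.1.10:49900     198.51.100.23:6667     ESTABLISHED     3312
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1812
"""

# Ranges we treat as "local": loopback, link-local and RFC 1918 private space.
# (ipaddress.is_private would also match the documentation ranges, so we list our own.)
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]


@dataclass(frozen=True)
class Conn:
    proto: str
    local_ip: str
    local_port: str
    remote_ip: str
    remote_port: str
    state: str
    pid: int


def split_addr(addr):
    """'203.0.113.5:443' -> ('203.0.113.5', '443'); '[::]:0' -> ('::', '0'); '*:*' -> ('*', '*')."""
    host, _, port = addr.rpartition(":")
    return host.strip("[]"), port


def parse_netstat(text):
    """Return one Conn per TCP/UDP row; header and blank lines are skipped."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue
        proto, local, remote = fields[0], fields[1], fields[2]
        state = fields[3] if proto == "TCP" else ""  # UDP rows carry no State column
        pid = int(fields[-1])
        lip, lport = split_addr(local)
        rip, rport = split_addr(remote)
        conns.append(Conn(proto, lip, lport, rip, rport, state, pid))
    return conns


def is_local(ip):
    """True for wildcard, loopback, link-local and RFC 1918 addresses."""
    if ip in ("*", "", "0.0.0.0", "::"):
        return True
    try:
        a = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(a in n for n in LOCAL_NETS)


def suspicious(conns, expected_ports=frozenset({"80", "443"})):
    """Established TCP sessions to non-local peers on ports outside the expected set.

    The allowlist is an assumption for this example; tune it to the host's role.
    """
    return [c for c in conns
            if c.proto == "TCP" and c.state == "ESTABLISHED"
            and not is_local(c.remote_ip) and c.remote_port not in expected_ports]


def hidden_from_host(host_conns, external_flows):
    """Flows an external device (router/firewall) reports that the host's netstat lacks.

    external_flows: set of (local_ip, local_port, remote_ip, remote_port) tuples.
    A non-empty result means the host's own view is incomplete and deserves a closer look.
    """
    seen = {(c.local_ip, c.local_port, c.remote_ip, c.remote_port) for c in host_conns}
    return sorted(f for f in external_flows if f not in seen)


# Constructed router flow table: the first flow matches netstat, the second has no
# counterpart in the host's view.
SAMPLE_ROUTER_FLOWS = {
    ("192.168.1.10", "49811", "203.0.113.5", "443"),
    ("192.168.1.10", "51002", "203.0.113.77", "443"),
}

if __name__ == "__main__":
    conns = parse_netstat(SAMPLE_NETSTAT)
    for c in suspicious(conns):
        print(f"review: PID {c.pid} -> {c.remote_ip}:{c.remote_port} ({c.state})")
    for f in hidden_from_host(conns, SAMPLE_ROUTER_FLOWS):
        print("router sees but host does not:", f)
```

Run against real output with `netstat -ano > conns.txt` and feed the file to `parse_netstat`; the PID column lets you tie a flagged session back to a process in Task Manager. The cross-view check needs a second source (a router's connection table or a firewall log) formatted as the same four-tuples.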
post #4 of 17
Detta; You are so far behind, it's crazy.
post #5 of 17
Would have been nice if they could have uploaded the file.
post #6 of 17
Quote:
Originally Posted by Pooping^fish View Post
Detta; You are so far behind, it's crazy.
this
    
CPUMotherboardGraphicsRAM
i7-2600k asrock z68 extreme4 gen3 9800 gtx+ 2x4 vegeance (8-8-8-24) 
Hard DriveCoolingOSMonitor
samsung 830 256gb+ 1tb wd green + 3tb hitachi corsair h60 windows 7/slackware/arch linux/gentoo dual 28" i-inc 
KeyboardPowerCaseMouse
filco majestouch 2 ninja cm silent pro 600w cm 690 II razer deathadder 
Mouse Pad
razer exactmatXspeed 
  hide details  
    
CPUMotherboardGraphicsRAM
i7-2600k asrock z68 extreme4 gen3 9800 gtx+ 2x4 vegeance (8-8-8-24) 
Hard DriveCoolingOSMonitor
samsung 830 256gb+ 1tb wd green + 3tb hitachi corsair h60 windows 7/slackware/arch linux/gentoo dual 28" i-inc 
KeyboardPowerCaseMouse
filco majestouch 2 ninja cm silent pro 600w cm 690 II razer deathadder 
Mouse Pad
razer exactmatXspeed 
  hide details  
post #7 of 17
Quote:
Originally Posted by Pooping^fish View Post
Detta; You are so far behind, it's crazy.
Would you kindly elaborate?
post #8 of 17
Thread Starter 
Quote:
Originally Posted by fireman View Post
Would you kindly elaborate?
Point 1) Detta: "moral of the story is any computer connected to the internet is 'not safe'." The article talks about compromising computers that aren't even connected to the internet.

Point 2) The whole article talked about advanced rootkits that are completely stealthed from the OS. Network monitors, netstat and tracert would be useless. These rootkits are created by professionals, not script kiddies.

Point 3) Even if you monitored network transmission at the router/hub level instead of the compromised machine, the article pointed out that the developer would program it to contact completely anonymous servers - like a digital form of a "dead drop". Alternatively, they would send out the packets disguised as connections to ad-servers in the middle of normal outgoing traffic.

Point 4) At this stage, anyone who gets a virus from clicking unknown links fully deserves what they get.
post #9 of 17
Just read the whole thing, that's some scary ****.
Gonna go find my tin foil helmet.
post #10 of 17
Big deal.
Growing supranationalist tendencies and a global economy have ended the threat of major war. Get your panties out of a bunch.
This thread is locked  