We all know our good ol’ friend Kaspersky as a system protector. The cyber-security giant is currently dealing with a difficult issue: it has stated that there is a unique and dangerous threat out there.
But that’s not what bugs me the most. As we all know, Kaspersky is one of the top anti-virus and/or anti-malware providers out there. What are our options?
What Is The Equation Group?
Over the years, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been monitoring 60 advanced threats responsible for cyber-attacks worldwide. GReAT also stated that over those years they have seen almost every kind of complexity and cyber-attack that uses advanced tools, but this time the threat is indisputable. Kaspersky discovered the so-called “The Equation Group”, which surpasses anything known in terms of complexity and sophistication of techniques.
Kaspersky Lab researchers also said that the group is unique in almost every aspect of its activities. Unlike the modern cyber-attacks with advanced tools that we already know of, The Equation Group uses tools that are very complicated and expensive to develop. One thing Kaspersky found out is that the group used modules that allowed reprogramming of the hard drive firmware used by big-name brands such as Western Digital, Seagate, Maxtor, Toshiba, and IBM. One module, known only by the cryptic name nls_933w.dll, is said to be the most powerful tool in the group’s arsenal and the first known malware able to infect hard drives. Now that is scary.
Some of The Equation Group’s Infamous Trojans
Ever heard of DFH, GrayFish or Equation Laser? Well, these are just a few of The Equation Group’s “implants”, as they would call them. Here are a few other notable pieces of malware created and used by the group:
- Fanny Worm is a computer worm that spreads through USB sticks with the intent of gathering intelligence. It is also said to use the LNK exploit, which the famous Stuxnet virus (a well-known computer worm discovered in 2010 designed to attack industrial programmable logic controllers) used during its course.
- Grok Keylogger – As you might already know, a keylogger is a program that records each keystroke that a user types. This may well be valuable in gathering sensitive information for the group.
- DoubleFantasy is a threat that spreads without the use of the internet. It is installed onto disks and infects systems when used.
With a virus that is capable of modifying hard drive firmware, we may as well be defenseless for now, but I believe the anti-virus community and independent researchers will soon figure out what causes these attacks and provide us with a solution. However, other news or tech blog articles have suggested that the only solution is to destroy your hard drives.