CySecurity News – Latest Information Security and Hacking Incidents
Pangu Lab researchers have revealed information of a Linux top-tier APT backdoor dubbed as Bvp47, which is linked to the US National Security Agency (NSA) Equation Group.
The term “Bvp47” is derived from several references to the string “Bvp” and the numerical figure “0x47” used in the encryption algorithm. The Bvp47 backdoor was first identified in 2013 during a forensic examination into a security breach at a Chinese government entity. The backdoor was discovered on Linux computers after an in-depth forensic assessment of a host in a key domestic department, according to the experts. The malware seemed to be a top-tier APT backdoor, but to further investigate the malicious code needed the attacker’s asymmetric encrypted private key to activate the remote control function.
The hacking group, The Shadow Brokers disclosed a trove of data reportedly taken from the Equation Group in 2016 and 2017, including a slew of hacking tools and exploits. The hackers disclosed a new dump at the end of October 2016, this time featuring a list of systems compromised by the NSA-linked Equation Group. The Bvp47 backdoor was identified by Pangu Lab researchers within material exposed by The Shadow Brokers. In ten years, the Equation Group attacked over 287 targets in 45 countries, including Russia, Japan, Spain, Germany, and Italy, according to stolen data.
Governments, telecommunications, aircraft, energy, financial institutions, nuclear research, oil and gas, military, transportation, and companies researching encry
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: