NSA Has A 50,000 Computer Botnet From Secretly Installing Malware Around The Globe
from the keeping-us-safe...? dept
Over the weekend, the Dutch media operation NRC published yet another Ed Snowden slide, showing how the NSA had infected 50,000 computer networks with malware. The only really new thing here is the number. We already knew the NSA's TAO (Tailored Access Operations) group was infecting computers around the globe using packet injection, via a system it calls "quantum injection", and that it's used these to install malware on key computers inside Belgacom, the Belgian telco giant. However, the latest report basically shows that the NSA has been able to compromise computers and networks in the same manner all around the globe:
Filed Under: malware, nsa, nsa surveillance
Reader Comments
If they do it would only take one hacker to cause freaking pandemonium on a global scale...
[ link to this | view in chronology ]
Re:
With so many compromised systems, they are in a position to make things very ugly to any government or group that challenges them, and given their actions so far, I wouldn't put it past them at all, to if not perform such an action, at least hint at it to discourage any potential opposition.
[ link to this | view in chronology ]
Re: Re:
Checked the EULA coming with your AV package lately? Have a look under the header "Privacy" or something similar. You'll find that they have essentially given themselves the right to send just about anything off your system to their databases. Files, programs, personally identifiable information, MAC addresses, IP number - everything.
How many other US companies besides Apple, Google, Microsoft, Verizon, etc were listed in Snowden's documents? 100+ that weren't named IIRC. Want to bet some money there are a few AV companies involved? I wouldn't.
[ link to this | view in chronology ]
Re:
The NSA is a black-hat hacker.
[ link to this | view in chronology ]
Re:
"3 infected files found to be infected with the NSA Botnet Spyware. Please contact the NSA for removal instructions"
[ link to this | view in chronology ]
Re: Re:
"3 files found to be infected with [redacted]."
[ link to this | view in chronology ]
Oh and the title needs some love.
[ link to this | view in chronology ]
Re: Re: Re:
I think around a little after 9/11 is when things began to go downhill.
[ link to this | view in chronology ]
I did not think 50,000 seemed like a very big botnet.
NSA needs to lift their game, I am sure Anonymous could easily do better than 50k bots !!!!
[ link to this | view in chronology ]
Re: Re:
"NSA Has A 50,000 Computer Botnet From Secretly Installing Malware Around The Globe"
and they call it a BOTnet because IT is a network of BOTS
[ link to this | view in chronology ]
interesting !!!
No. 1: Zeus
Compromised U.S. computers: 3.6 million
No. 2: Koobface
Compromised U.S. computers: 2.9 million
No. 3: TidServ
Compromised U.S. computers: 1.5 million
.
.
.
No. 10: Conficker
Compromised U.S. computers: 210,000
Again, I find it hard to get all excited that NSA has a 50k botnet, and would have expected better from them..
[ link to this | view in chronology ]
Re: interesting !!!
Not computers
Network > Computer
[ link to this | view in chronology ]
These all only infect WINDOWS!
Seriously, just say no to Windows.
[ link to this | view in chronology ]
If they want to convince people that they're the good guys, they need to stop acting like supervillains.
[ link to this | view in chronology ]
and yes i have proof
[ link to this | view in chronology ]
Ditch anti-virus software
So 50000 is likely to be the current RECENT number done in the last few years.
Secondly, your anti-virus didn't catch these, and I see some of them (Symantec) sheepishly mentioning there's a backdoor that listens on the SSH port for special encrypted commands (looks like NSA work, because NSA would know who sent those commands, it would be in their logs! It would be in GCHQ logs!).
Either the anti-virus companies didn't catch it (incompetence), or they were complicit in not catching it, or maybe they are one of the backdoors.
Thirdly, so much for Obama being in control. He's clearly not in charge here, the NSA is busy setting all kinds of illegal agendas and he's not in the loop.
[ link to this | view in chronology ]
Re: Ditch anti-virus software
Got a link or two showing where an AV company, like Symantec, has indicated that they will or will not detect government spyware?
I'd love to read up more.
[ link to this | view in chronology ]
Re: Ditch anti-virus software
If he truly wasn't "in charge" I would have expected him to be clipping a lot of wings by now, and that isn't happening. He is sitting there saying "I didn't know" but he isn't doing a damn thing about it.
The NSA operates under the jurisdiction of the Department of Defense and reports to the Director of National Intelligence.
The Director of National Intelligence (DNI) is the United States government official – subject to the authority, direction, and control of the President – required by the Intelligence Reform and Terrorism Prevention Act of 2004 to:
Serve as principal advisor to the President, the National Security Council, and the Homeland Security Council about intelligence matters related to national security;
Serve as head of the sixteen-member Intelligence Community; and
Direct and oversee the National Intelligence Program.
[ link to this | view in chronology ]
Re: Re: Ditch anti-virus software
How would he clip wings if he wasn't in charge?
[ link to this | view in chronology ]
Re: Re: Re: Ditch anti-virus software
If things were happening "without his knowledge", in other words the NSA had gone rogue, then he would start replacing those in charge of keeping the NSA in check. That hasn't happened. Therefore, I conclude one of two possibilities.
1. He didn't know what is going on, but agrees with it, therefore he will not reprimand anyone.
2. He knows exactly what is going on and is not being honest with the people.
The first option seems rather unlikely as I believe part of his campaign was about reining in the spying. Obama has failed the people he is supposed to serve.
Congress is no better as they have the purse strings and the ability to pass legislation. They too knew, or had a duty to find out what was going on and take the appropriate steps to protect the American people. They have failed the people they are supposed to serve.
They have all disgraced themselves, their families and in fact all Americans.
[ link to this | view in chronology ]
not a botnet
Once a router is infected, if a user's computer or server was infected that malware isn't so important anymore. Those, non-router, computers are updated much more frequently than routers or switches. Also, anti-virus software is not installed on routers. The NSA may even remove malware from non-routers to avoid detection. Then again, they may have achieved some very stealthy malware. I think it is less likely that arrangements are made with major AV companies to whitelist NSA malware. A whitelist is visible to too many people.
This particular leak is going to have an enormous impact on NSA capability. It would behoove any security executive for telecoms, or ISPs around the world to take a close look at their routers.
[ link to this | view in chronology ]
And the beast grows
The NSA has a network of Botnets in other countries, then the owners of those infected computers decide to run their own BotNet networks infecting other computers, and then the FBI, and Microsoft go on the hunt for these computers-installing malware to get the botnets captured.
Could it be true? That the FBI and Microsoft have been doing this all along? Capturing and shutting down BotNet servers that began with the NSA?
It boggles the mind completely. Total insanity, and that's why the NSA should be shut down.
They're infecting everyone's computers with malware that has to be cleaned up by others. Such nice guys.
Speaking of legalities, I'm pretty sure this would qualify under several international laws as electronic terrorism, plus our own laws against it.. Ah, gee whiz..the NSA can't do anything right!
[ link to this | view in chronology ]
This is going to stick in people's memories come the next war.
[ link to this | view in chronology ]
sORRY TO SEE THIS
Let's even think SIDE WAYS, and say it's FLASH based..
HOW about JAVA?
And since they are all customized to the OS...
any other reason NOT to use Windows products??
Windows must HIDe the program very well, also..
windows SERVER? WINDOWS 7? 8?
Someone GET me to linux..
[ link to this | view in chronology ]