Military Board - Equation Group Questions and Answers
Given that this is a Windows-specific exploit, the two questions that come
to mind: 1.) Was this developed with cooperation from Microsoft? and 2.) How
long before Linux overtakes Windows on the desktop in China, Russia, India,
Brazil, South Africa, everywhere else? Companies will soon realize that you
don't need to rely on a fucking domain controller to centrally manage an IT
infrastructure. There are LDAP alternatives to Active Directory.
"EquationDrug’s core modules, designed for hooking deep into the OS, do not
contain a trusted digital signature and cannot be run directly on modern
operating systems. The code checks whether the OS version predates Windows
XP/2003. Some of the plugins were designed originally for use on Windows 95/
98/ME. If the target is using a modern operating system such as Windows 7,
the attackers use the TripleFantasy or GrayFish platforms. EquationDrug has
an integrated countdown timer, presumably designed to self-destruct if
commands are not received from the C&C for a period of time (several months).
The information stolen from the PC and prepared for transmission to the C&C
is stored in encrypted form throughout several fake font files (*.FON)
inside the Windows\Fonts folder on the victim's computer"
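
A triage check for the fake *.FON containers described in the quoted passage, added here as an example; it is not part of the original post or of the quoted report. It assumes that a genuine .FON file is an NE or PE image with an `MZ` stub, and that an encrypted container either lacks that header or shows near-random entropy; the function names and the 7.2 bits/byte threshold are hypothetical choices.

```python
import math
import struct
from pathlib import Path

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; ~8.0 for encrypted or compressed data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def classify_fon(data: bytes, entropy_threshold: float = 7.2) -> str:
    """Return 'ok', 'bad-header' or 'high-entropy' for the bytes of a .FON file."""
    # A genuine .FON is an NE or PE image: 'MZ' stub, new-header offset at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "bad-header"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 2] not in (b"NE", b"PE"):
        return "bad-header"
    # Assumption: bitmap font resources are far from random; threshold is a heuristic.
    if shannon_entropy(data) > entropy_threshold:
        return "high-entropy"
    return "ok"

def scan_fonts(folder: str) -> dict:
    """Map each suspicious *.FON file name in `folder` to its verdict."""
    findings = {}
    for path in sorted(Path(folder).iterdir()):
        if path.is_file() and path.suffix.lower() == ".fon":
            verdict = classify_fon(path.read_bytes())
            if verdict != "ok":
                findings[path.name] = verdict
    return findings

if __name__ == "__main__":
    import sys
    # Point at a mounted image or a copy of the Fonts folder, e.g. C:\Windows\Fonts.
    for name, verdict in scan_fonts(sys.argv[1]).items():
        print(f"{name}: {verdict}")
```

A hit is a lead for further analysis, not a verdict: compare flagged files against a known-good baseline for the same Windows build.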
