Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Microsoft Security Government Privacy Software

Researchers Catch Microsoft Zero-Day Used To Install Government Spyware (vice.com) 83

An anonymous reader quotes a report from Motherboard: Government hackers were using a previously-unknown vulnerability in Microsoft's .NET Framework, a development platform for building apps, to hack targets and infect them with spyware, according to security firm FireEye. The firm revealed the espionage campaign on Tuesday, on the same day Microsoft patched the vulnerability. According to FireEye, the bug, which until today was a zero-day, was being used by a customer of FinFisher, a company that sells surveillance and hacking technologies to governments around the world. The hackers sent a malicious Word RTF document to a "Russian speaker," according to Ben Read, FireEye's manager of cyber espionage research. The document was programmed to take advantage of the recently-patched vulnerability to install FinSpy, spyware designed by FinFisher. The spyware masqueraded as an image file called "left.jpg," according to FireEye.

Researchers Catch Microsoft Zero-Day Used To Install Government Spyware

Comments Filter:
  • yep. yours, too, and to all the places you'll go.
  • by Anonymous Coward on Tuesday September 12, 2017 @08:15PM (#55185121)

    Who has caused the most damage for American citizens?

    NORTH KOREA or THE NSA?

    • by Opportunist ( 166417 ) on Tuesday September 12, 2017 @08:26PM (#55185179)

      This is pretty much why I can't help but snicker every time someone says "But the Russians...". The harm "the Russians" can do to you are minimal compared to what your very own government can.

      • by Ol Olsoc ( 1175323 ) on Tuesday September 12, 2017 @10:11PM (#55185561)

        This is pretty much why I can't help but snicker every time someone says "But the Russians...". The harm "the Russians" can do to you are minimal compared to what your very own government can.

        I wonder if we might be able to concentrate on more than one issue at a time.

        • by Anonymous Coward

          I wonder if we might be able to concentrate on more than one issue at a time.

          Given that the whole point of the "Russia hacked the elections" thing is to distract people from more important things, it seems that the answer is "No."

          • I wonder if we might be able to concentrate on more than one issue at a time.

            Given that the whole point of the "Russia hacked the elections" thing is to distract people from more important things, it seems that the answer is "No."

            Well, I can't be certain of course, but I'd wait a few months her for further news before the conspiracies are closed.

      • by Plus1Entropy ( 4481723 ) on Wednesday September 13, 2017 @12:31AM (#55186019)

        I think that's a bit disingenuous. Both things are threats to our liberty, in different ways and to different degrees. Just because I am concerned about Russia interfering in our elections doesn't mean that I am not concerned about the rise of the surveillance state.

        • by rtb61 ( 674572 )

          Good PR schtick but the reality is the whole world is concerned about the US hacking their elections, from extortion, to colour revolutions, coups against democracies to turn them into autocracies who will ruthlessly exploit their citizens at the behest of US corporations, to out and out invasion and mass murder of the population. Now all of these are proven facts and histories and not some bullshit about Russia spending $100,000 buying advertisements or foreign citizens reporting the crimes of the US gover

      • "Oh, them? It never changes," she said. "It's always: location, location, location."
    • Re: (Score:2, Interesting)

      Who has caused the most damage for American citizens?

      NORTH KOREA or THE NSA?

      Or state-sponsored hackers, fighting an undeclared cyber-war? 99% of the American citizenry were enjoying their usual lives, un-molested, prior to said hackers, oh, and of course, "patriotic" leakers, sharing our state secrets and many of our own cyber-war weapons with our "friends" at Wiki-Leaks. Dear Julian, having absolutely no compunctions, if it increases his importance and fluffs his, umm, ego has done quite a bit of damage. Did was really need him to out the basis for the recent ransom-ware attack

      • by Macfox ( 50100 )

        The concept of transparency and accountability must be new to you.

        The NSA was checking everyone's front door, so they could gain access "if" they ever needed to, but claiming they have your interest at heart.

        • The question was, “Who has caused the most damage for American citizens?” The NSA’s activities are certainly objectionable but how much real damage have they done to American citizens?
          • by Macfox ( 50100 )

            So far Kim has done Jack all, but thrown a few insults and made threats. The NSA in its irresponsible handling of sensitive data and munitions has cost the Americans much more indirectly.

            • You’re certainly correct that Kim hasn’t done anything overt as yet. But I guarantee you North Korea has had indirect impact on Americans, increased defense expenditures in the region come to mind. It is certainly true the NSA‘s activities have impacted Americans, and others worldwide, with the release of their hacking tools leading directly to ransomware attacks.

              The point in my original post was that those ransomware attacks were less the fault of the NSA, and more the fault of the ha

              • by Macfox ( 50100 )

                If you are going to build such munitions and store them, it's your responsibility to secure them.
                Attributing blame on Assange isnt logical. Unknown hackers breached US security and had these tools. The responsible thing was to make the world know they're in the wild.

    • Who has caused the most damage for American citizens?

      Software proprietors, regardless of nationality, current employment, or current residence. Brad Kuhn said it well in his blog post, "Software Freedom Doesn't Kill People, Your Security Through Obscurity Kills People [ebb.org]".

    • Who has caused the most damage for American citizens?

      NORTH KOREA or THE NSA?

      Microsoft.

    • by ( 4475953 )

      Neither of them. The American citizens themselves, by electing Donald Trump as a president - and previously Bush Jr. and his regime, who probably caused the biggest damage to the US so far that any government has ever caused.

  • The guy still had to download and open the Word doc.

    And I hope FireEye isn't trying to claim to be some kind of hero in this. The timing of their "revelation" is highly suspicious.

    • And furthermore, anyone who doesn't believe in full public disclosure upon discovery is a *BLEEEEE..*

    • by Koby77 ( 992785 )
      Hasn't microsoft missed a patch tuesday in the past, causing a researcher to reveal a zero day because of a time limit policy on withholding the vulnerability from the public? I agree the timing is suspicious, but it may be that FireEye said "We're revealing it on 9/12/2017, so you better not miss patch tuesday, but if you do release then everything will be okay." I'm just pointing that out as a possibility; we may never know what is said behind the scenes.
  • Questions: Are you surprised by this?

    a) No
    b) Yes
    c) I'm a clueless asshat, can I read a story now?
  • by lucm ( 889690 ) on Tuesday September 12, 2017 @08:58PM (#55185301)

    Those guys are playing with evil forces.

    FireEye analyzed a Microsoft Word document where attackers used the arbitrary code injection to download and execute a Visual Basic script that contained PowerShell commands.

    RTF -> VBScript -> PowerShell -> Chtulhu awakens

  • by Anonymous Coward on Tuesday September 12, 2017 @10:12PM (#55185565)

    Brian Malacchia was one of the authors of .NET. I had the pleasant experience of hearing him speak at MIT about the upcoming "Trusted Computing" software. What made it fun was that Richard Stallman was in the room, which Brian was *not* expecting, and proceeded to call into question the entire "Microsoft holds the private keys, and revolcation keys for all your hardware and software" security model. Brian pointed out that if Microsoft ever did the pernicious tricks Richard Stallman was worried about, that he and ethical engineers like him would resign.

    I managed to rivet the room by pointing out "just like you resigned from the .NET project for their violations of basic security"? The fact that he hopped from security from .NET to Trusted Computing, and .NET *had government backdoors built in*, is precisely why we should trust neither project. He *knew* it was flawed, and instead of resigning he just went to the next security project that has nothing to do with actual user security. It's about digital rights management, at every single level, and about giving Microsoft access to user's private keys in their own private and uncontrolled escrow storage.

    • out of points. interesting
    • by crtreece ( 59298 )
      I'm sure Microsoft is a huge hacker target. It'll be interesting when they get hacked and we find out the real extent of their snooping and data gathering, which is sure to include plenty of user credentials and encryption keys.
  • ....the same way you do with Java. It's only fair.

"Life sucks, but death doesn't put out at all...." -- Thomas J. Kopp

Working...