US Military Publicly Dumps Russian Government Malware Online (vice.com) 74
An anonymous reader quotes a report from Motherboard: This week, U.S. Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity-focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered. CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack U.S. systems: we may release your tools to the wider world. On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.
One of the two samples CYBERCOM distributed on Friday is marked as coming from APT28, a Russian government-linked hacking group, by several different cybersecurity firms, according to VirusTotal. Those include Kaspersky Lab, Symantec, and Crowdstrike, among others. APT28 is also known as Sofacy and Fancy Bear. The malware itself does not appear to still be active.
Re: (Score:2)
Re: (Score:1)
Yes, help these people out. But after things have settled down begin looking at no-building zones in these places buried in woods with poor access for large vehicles and low water main pressures. Or, if you build there you truly are on your own, pioneer! Just like the mandates being set down for people who choose to keep building and living in Mississippi flood plains. The Feds have no money to keep bailing your asses out when your little escape island is going up in flames. Or underwater with the gars.
Re: We need to keep perspective here (Score:3)
Not likely the people doing computer security are also trained firefighters so what do you suggest? They just stop doing their jobs until there are no bigger problems in the US?
Re: (Score:1)
Re: (Score:3)
LMAO (Score:5, Interesting)
Re: (Score:1, Insightful)
And here it is. The excuse.
So we constantly heard about how if Russia is doing mean things on the internet, then where is the proof? Why don't they show us?
Now they do, and it's "But America does it too!!!!!!!111111".
If you haven't been paying attention, America's intelligence agencies have been getting their dirty laundry publicly posted online for about a decade thanks to the combined efforts of Assange, Russia, and Snowden. I don't think "Imagine if Russia did it too" is really much of a threat, when, we
Re: (Score:2)
The Russian government requires all software companies there to include whatever code they give them. You should never run closed-source software on your machine if a Russian company was involved.
Re: (Score:2)
You may need to elaborate.
It seems like America is willing to do whatever it wants.
Torture
Chemical attacks
Wrongful arrest.
Illegally invading countries.
Napalm and agent orange, FFS I mean where do Americans draw the line on what they will not do?
Re: (Score:2)
Re: (Score:1)
You do not have the slightest clue as to what life was like during WW2. Countries were totally destroyed. There were 60 million dead. Extermination camps that automated and optimized the most efficient way of killing people. There was no Geneva Convention or rules on the treatment of POWs. Although it is ironic because today the Geneva Convention would allow the immediate execution of any combatant not officially affiliated with the armed forces of a nation state.
"On civilians. Children"
In WW2 there was n
Re: (Score:2)
Are US systems protected against these samples? (Score:3)
Re: (Score:2)
Meanwhile, 18 months ago... (Score:5, Interesting)
"The Marble Framework - How the CIA Obfuscates and Pretends to be Someone Else"
https://viableopposition.blogs... [blogspot.com]
Re: (Score:2)
The CIA is a US spy agency. That's their job.
Why do people get offended when spies spy and immigration enforcement enforces immigration law?
Who said anything about being offended? This thread's topic is about how "U.S. Cyber Command (CYBERCOM)" publicly dumped "Russian government malware online".
If the topic is worth publishing, let alone discussing, there is surely an implication that it is bad for the Russian government to be creating and/or using malware.
So I thought it would provide some context for people to know that Wikileaks had dumped US government malware online over a year earlier. Moreover, some of that US government malware is desi
Re: (Score:2)
The CIA is a US spy agency. That's their job.
Why do people get offended when spies spy and immigration enforcement enforces immigration law?
As to the third sentence - why people get offended - you might ask those responsible for punishing alleged spies against the USA with long - including life - prison sentences, and even the death penalty. Ask the Rosenbergs https://en.wikipedia.org/wiki/... [wikipedia.org], or Robert Hanssen https://www.voanews.com/a/a-13... [voanews.com], or many others.
The customary view is that spying is perfectly normal and OK when done by our side, but wicked and criminal when done by others to us.
Why not (Score:1)
The US's malware has been dumped already by the Shadow Brokers, we got nothing to lose at this point
Well that makes perfect sense.. (Score:2)
As an addiction the addicted have to do the things that keep their addiction fed. Hence cybersecurity must support the problem they claim to be against.
Russian-linked cyber bollix (Score:2)
Re: (Score:1)