Kaspersky blew whistle on NSA hacking tool hoarder

Enlarge / NSA got a message from Kaspersky that one of its own was being very, very bad, according to a new Politico report.

Harold T. Martin III, a former government contractor, is still facing trial for the alleged theft of massive amounts of National Security Agency data, including documents and tools from the NSA’s Tailored Access Operations Division. Now, a new report by Kim Zetter for Politico suggests that the NSA and the Justice Department tracked down Martin thanks to information shared by an ironic source: the Moscow-based malware protection company Kaspersky Lab.

Citing two anonymous sources familiar with the investigation, Zetter reports that Kaspersky Lab employees passed information on Martin to the US government after he sent unusual direct messages via Twitter to the company in 2016. Kaspersky passed the US government five messages from an anonymous Twitter account named @HAL999999999 to two researchers at the company. The first message, sent August 15, 2016, requested that a researcher facilitate a conversation with “Yevgeny,” the given name of Kaspersky Lab founder and CEO Eugene Kaspersky. “So, figure out how we talk…

With Yevgeny present,” the message read. The second message: “Shelf life, three weeks.” The messages came just 30 minutes before someone calling themselves Shadow Brokers dumped a link to a collection of NSA tools in a Tumblr post and announced additional tools would be auctioned off for 1 million Bitcoin.

After responding to the messages, both Kaspersky researchers were promptly blocked by the @HAL999999999 account, according to Politico’s sources. Analysis of the account by Kaspersky researchers linked it to Martin and work he did for the US intelligence community. That prompted Kaspersky employees to reach out to the NSA, as they believed it might be connected to the Shadow Brokers case.

Martin was arrested on August 27, 2016. His case is still pending, and his attorneys have been fighting to get the Justice Department to provide full copies of the evidence in the case. The Twitter messages were first revealed in a court ruling in which US District Court Judge Richard Bennett denied a motion by attorneys for Martin to suppress evidence in the case because the government had used the messages as the basis for a search.

There’s no small amount of irony in the detail, as Kaspersky’s software and services have been banned for government use by a law signed by President Donald Trump in December of 2017.

Kaspersky has been accused of sharing data from antivirus agent software with Russian intelligence, and Kaspersky data may have been used to identify a computer storing NSA data.

Kaspersky issued a report claiming that the company had detected files associated with the NSA “Equation Group” hacking tools after a Kaspersky customer’s computer became infected with a backdoor packaged with pirated Microsoft Office software.

TinkerForge Starterkit Hardware HackingThe Starter Kit: hardware hacking makes it possible for micro-voltage electric devices to connect to hack and so with tinker forge modules. Any (Embedded) PC and any smartphone/tablet can be used to interact with the chopped devices. Interaction is via USB as well as via WLAN with the help of WIFI extension is possible. Also an Ethernet interface can be used with the Ethernet extension can be added.Two radio-controlled switch sockets are included in this kit, so that directly with the hook can be started. A step-by-step guide explains how these can be hacked (soldering iron, solder and screwdriver required).There are two groups of applications for this kit: Taxes and reading. For control applications is an industrial Quad Relay Bricklet supplied. This consists of four switchable solid state relays. For reading applications is an Industrial Digital In 4 Bricklet supplied. This can be four digital signals with voltages up to 36 V galvanically isolated reading.Documented Example applications are:Smoke alarm to PC TransferSockets via the PC us via Smartphone/Tablet PC remote control (Android, Windows Phone and iOS)- Garage Doors via a smartphone/tablet (Android, Windows Phone and iOS) opening and closingDoorbell to PC TransferA variety of other applications are possible. Everything is controlled via a remote control or digital signals can easily be hacked issues with this kit The documented examples should be enough to even without any prior knowledge of each electrical device in this category to hack.They can be programd via all available bindings (C/C++, C#, Delphi/Lazarus, Java, JavaScript, LabVIEW, mathematica, MATLAB/octave, Perl, PHP, Python, Ruby, Shell, Visual Basic .NET). Example implementations for many programming languages and demo applications simplify the programming using tinker forge.Necessary toolsSoldering iron- SolderScrewdriver (to housing to open, etc.)Update firmware and first testsIn the first step, the bricks and brick lets tried out and, if necessary, the Firmwares updated.To do this, the brick daemon and the Brick Viewer must be installed. Close both brick let to the master brick and connect it via USB with the PC. Then you can be determined via the brick viewer whether all firmwares are up to date. If not, then these should be updatedYou should then with the brick Viewer all bricks and brick lets be checked. It is best to click through the various tabs and verifies that the master brick and brick lets be displayed correctly.FunctionThere are two basic ways to use this kit: voltages and currents. A detailed description of the fundamentals is located in the hardware hacking for beginners tutorial.Note: The above-mentioned voltage limits must be observed! Devices which have a potentially dangerous high voltage supply (e.g. mains voltage) must not be chopped!Measure voltages up to 36 VThe current state of electronic devices is often somewhere in the form of an electrical voltage represents. If it is a digital signal is and its voltage falls below 36 volts, then an Industrial Digital In 4 Bricklet associated and status can be read. A good example of this is the LEDs. An LED indicates the status of a system, it can easily be read out.It is important to note that the minimum voltage that is recognized as high at 3 volts. The maximum voltage is detected as low is 2 V. Between these voltages, the behavior is undefined.In order to read a signal must be connected to one of the inputs of the Industrial Digital In 4 can be connected. If there is no reaction of the input in the brick viewer to recognize, it may be that the assignment must be turned (wrong polarity). The assignment can be trial-and-error can be tested. The Industrial Digital In 4 is protected against polarity reversal.The figure below shows an example of the necessary circuit for reading of an LED. In thi - More Info - EAN: 4016139057149

Emergency WhistleIdeal as part of an outdoor or marine survival pack - More Info

SonicWall NSA 2650 Security ApplianceThe SonicWall Network Security Appliance (NSA) series combines the patented SonicWall Reassembly Free Deep Packet Inspection (RFDPI) engine with a powerful and massively scalable multi-core architecture to deliver intrusion prevention,gateway anti-virus,gateway anti-spyware,and application intelligence and control for businesses of all sizes. By integrating automated and dynamic security capabilities into a single platform,the NSA series provides comprehensive next-generation firewall protection without compromising performance. Along with superior power efficiency,SonicWall NSA series appliances lower the total cost of ownership by reducing complexity and the time necessary to configure,deploy and maintain security solutions. An intuitive GUI and powerful set-up wizards make it easy to quickly set up and fine-tune network policies,application rules,VPN connections and more. - More Info

SonicWall NSA 4650 Security ApplianceThe SonicWall Network Security Appliance (NSA) series combines the patented SonicWall Reassembly Free Deep Packet Inspection (RFDPI) engine with a powerful and massively scalable multi-core architecture to deliver intrusion prevention,gateway anti-virus,gateway anti-spyware,and application intelligence and control for businesses of all sizes. By integrating automated and dynamic security capabilities into a single platform,the NSA series provides comprehensive next-generation firewall protection without compromising performance. Along with superior power efficiency,SonicWall NSA series appliances lower the total cost of ownership by reducing complexity and the time necessary to configure,deploy and maintain security solutions. An intuitive GUI and powerful set-up wizards make it easy to quickly set up and fine-tune network policies,application rules,VPN connections and more.   - More Info

SonicWall NSA 2650 - security applianceSonicWall NSA 2650 - security appliance - More Info

You may also like...

       
Apps & Games Clothing Electronics & Photo Large Appliances
Baby Womens Apparel Garden Lighting
Beauty Mens Apparel Outdoors Luggage
Books Girls Apparel Health & Personal Care Pet Supplies
Car Boys Apparel Home Shoes & Bags
Motorbike Computers & Accessories Kitchen Equipment Sports & Outdoors
Fashion DIY & Tools Jewellery Toys & Games