While we worry over the American National Security Agency (NSA) spying on our Facebook status updates, the agency might actually have even a better view of our personal data stored on our computers. Security researchers at Kaspersky Labs have found that the NSA has been using certain websites to install malware on computers to spy on users around the globe.
Security experts at Kaspersky have identified 300 domains that the NSA has been using to distribute malware. All these domains are now expired and are available for anyone to purchase. Some of which sells at up to $10,000.
Here are some of those domains –
- advancing-technology[.]com
- avidnewssource[.]com
- businessdealsblog[.]com
- thesuperdeliciousnews[.]com
- goodbizez[.]com
- coffeehausblog[.]com
- islamicmarketing[.]net
- adsbizsimple[.]com
- amazinggreentechshop[.]com
- suddenplot[.]com
- honarkhabar[.]com
- ad-noise[.]net
- ad-void[.]com
The hacker group who goes by the name “Equation Group” has been in charge of this entire operation. They were reported to be in a partnership with the NSA. The group has used these different websites to deliver their different types of trojans and malware titled EQUATIONLASER, EQUATIONDRUG, DOUBLEFANTASY, TRIPLEFANTASY, FANNY and GRAYFISH.
“Some of the earliest malware samples we have seen were compiled in 2002; however, their C&C was registered in August 2001. Other C&Cs used by the Equation group appear to have been registered as early as 1996, which could indicate this group has been active for almost two decades,” researcher at Kaspersky wrote on a report.
Considering the names of some of these domains, it’s easy to assume that Islamic activists have been the main victims of these attacks, but not limited. Hit the source link at the bottom for more info.
Read Also: Did NSA Have Anything To Do With Heartbleed Bug?
The domains discovered here, now expired, are only a handful of the sites NSA has used in the past. Imagine how many active sites they might have right now.
[Via: HackRead / Source: Kaspersky Labs / Photo: dustball]
(All images, trademarks shown on this post are the property of their respective owners)
Follow @nrjperera – Roshan Jerad Perera
