NSA's project TURBINE can basically command and control itself

An NSA project to install spying malware on "millions" of computers around the world, dubbed TURBINE, could allow the clandestine US agency unprecedented access to "industrial-scale exploitation" in the battle for internet dominance. The spyware, which is said to have already been installed on as many as 100,000 systems after first being deployed in mid-2010, is described as both smart and aggressive, automating much of what would have previously needed a trained operative.

That, The Intercept's insiders say, makes it the perfect tool for broadly infecting a huge number of machines and casting a wide net for data collection. Rather than limit such actions to human operatives, TURBINE is an "intelligent command and control capability" that can run its own deployment and make its own decisions on which gathered data is important.

What makes TURBINE particularly interesting for the NSA is how little staff would have to know technically about infected systems and software in order to extract informati
on.

The malware works to "relieve the user from needing to know/care about the details" an NSA document describes. The leaked file goes on to explain that TURBINE could be instructed to pull up all of the information about a certain application, and then would itself be responsible for figuring out the disparate places on the system that data was stored, where other related files might be, and which was most important to extract.

Part of the NSA's "Owning the Net" initiative, paid for with more than $67m in 2013, TURBINE works hand in hand with internet monitoring tools that are said to track when targets access sites the security agency is able to exploit. For instance, a fake Facebook server can be called into play by TURBINE in such a case, allowing the NSA to infect the remote computer.

Other approaches include clandestinely inserting a compromised server in-between regular network traffic, with the NSA using that "man-in-the-middle" positioning to log all data that passes through. Dubbed SECONDDATE, it can be used both for targeted attacks on specific systems, as well as to broadly disseminate malware.

TURBINE is allegedly supported by an array of remote "sensors" across multiple locations, which alert the command-and-control system to potential victims. That includes deployments at GCHQ-run monitoring stations in the UK, but potentially other places elsewhere in the world.

Via - SlashGear

Comments

iPad (2022) and iPad Pro with M2 announced

Apple has announced their latest iteration of the iPad (entry level model) and the iPad Pro lineup with the new M2 processor. The event, held on the 18th of October as a recorded session displayed the key features of the iPads with the most significant being the base model iPad which has now received an upgrade. iPad 2022 This model of the base model iPad ditches the almost 12 year old home button and display layout and goes for a cleaner display only design found on the iPad Air . The chassis, which now comes with flatter sides and a TouchID fingerprint sensor on the top has also abandoned the lightning port in favor of USB C and it also comes with a set of pogo style connectors for accessories including a keyboard with trackpad. Internally, the iPad comes either as a Wifi only (Wifi6) and a 5G cellular model and is offered with 64 or 256GB of storage. The processor has also been upgraded to the Apple A14 which is the same found on the iPhone 12 series and last year's iPad Air. L

HTC One to sell as TD 101 at China Mobile

HTC decided to invest in such a brand by launching the One series of smartphones last year, although the company was not able to impose its own product names to certain carriers. Then, just a few days ago, the company launched the HTC One, which is going to be the company’s only One-branded handset this year, a make-or-break kind of project for the Taiwanese Android maker that’s still having a tough time fighting against the competition, especially Samsung. We were under the impression that HTC will further invest in its One brand and not budge to carrier demands anymore when it comes to changing the name of the product – in the U.S., AT&T, Sprint and T-Mobile are going to sell it as the HTC One. But it looks like things aren’t necessarily so, and no, it’s not Verizon that’s going to get its way selling the One as the Droid DNA Plus, as it was recently rumored. We’re looking at China Mobile this time around, which has announced the HTC One as the HTC TD 101. That’s certa

Google Pixel 7 and Pixel 7 pro along with Pixel watch unveiled.

Google announced their latest Pixel 7 and Pixel 7 Pro smartphones along with the Pixel Watch - google's first wearable at a special launch event today. The devices, which are powered by Google's second generation Tensor SOC bring major improvements in photography which has always been Google's highlight. Google Pixel 7 and Pixel 7 Pro. Google's Pixel 7 and the Pixel 7 Pro are Google's latest flagship phones for 2022. The devices, which have been developed around the Tensor G2 - Google's second generation processor developed on a 4nm architecture. The chipset, which consists of 2 Cortex X1 cores, 2 Cortex A78 cores and 4 Cortex A55 cores with a Mali G710 MC10 GPU cores and the chip is paired with 8GB of RAM for the Pixel 7 and 12GB RAM for the Pro variant. Both models come with 128 / 256GB of UFS 3.1 storage and the pro model comes with 512GB. The phones, which come with two different display sizes consist of a 6.3" 2400x1080 AMOLED display with 90Hz refre

MasHD Blog

Search This Blog