• Re: How the FBI proved a remote admin tool was actually malware [telecom]

    From Bill Horne@malassimQRMilation@gmail.com to comp.dcom.telecom on Thu Mar 16 15:47:56 2023
    From Newsgroup: comp.dcom.telecom

    On Thu, Mar 09, 2023 at 07:24:31PM -0500, Monty Solomon wrote:
    By Lorenzo Franceschi-Bicchierai

    On Thursday, the U.S. government announced that it had seized a
    website used to sell malware designed to spy on computers and
    cellphones.

    The malware is called NetWire, and for years several cybersecurity
    companies, and at least one government agency, have written reports
    detailing how hackers were using the malware. While NetWire was also
    reportedly advertised on hacking forums, the malware owners marketed
    it on a website that made it look like it was a legitimate remote
    administration tool.

    https://techcrunch.com/2023/03/09/how-the-fbi-proved-a-remote-admin-tool-was-actually-malware/

    The press release mentioned in the TechCrunch article tells us that
    the investigation leading to this seizure was started in 2020. I don't
    know what the reasons are for the prolonged delay, but in an industry
    where companies sometimes start, grow, and die over a span of weeks,
    the two-plus-years wait is pitiable.

    I don't know if the delay was due to the 2020 presidential election,
    or the 2022 mid-term elections, or some other reason, but it's a sad
    excuse for justice if it takes that long. So prolonged a delay means
    that the criminals located at the other end of the malware's
    connections, at the Croatia-based "Mother Ship," were able to obtain
    not only the personal banking, medical, and social details of hundreds
    or thousands of victims - but also the login credentials for lots of
    small-to-medium firms where cloud-based accounting applications have
    been routine for years. Not only were individuals robbed for some or
    all of what they had, but many businesses undoubtedly found themselves
    with phantom employees whose names and social-security data existed
    only in the logs of Western Union wire transfers to far-away dens of
    untouchable thieves who are now both rich and gone.

    The press release mentions the seized website by name, and if you
    choose to click the link, you'll see a banner notice that "This
    Website Has Been Seized," just beneath the seals of both the
    Department of Justice and the FBI. There is passing mention of other
    agencies and governments which took part in the investigation, but
    they're mentioned in an unordered list, shown in much smaller
    type. The emblems and/or seals of other agencies and governments are
    placed at the bottom, in much smaller sizes than the DOJ/FBI plaques
    at the top, so it is very clear that the FBI wants all the credit for
    this seizure.

    Who, I wonder, will get the credit for turning the FBI into a
    competent law-enforcement organization, instead of a PR firm for the
    legacies of the hard-nosed G-men of the past? Purvis and his fellow
    agents deserve a lot of praise for their achievements - but this is
    the twenty-first century, not the twentieth, and it's long past time
    for the FBI to stop resting on its laurels.

    Bill Horne

    --
    (Please remove QRM for direct replies)
