Computer virus infects drone plane command centre in US! Software cleaner sought!

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

http://www.guardian.co.uk/technology/2011/oct/09/virus-infects-drone-plane-command

Here we we are!

Re: Computer virus infects drone plane command centre in US! Software cleaner sought!

Jason wrote:
Quoted text here. Click to load it
http://www.guardian.co.uk/technology/2011/oct/09/virus-infects-drone-plane-command
Quoted text here. Click to load it

Strange that they call it a virus and a keylogger but give us no name
for the malware.

I have my doubts about this story.

Re: Computer virus infects drone plane command centre in US! Software cleaner sought!


Quoted text here. Click to load it

My thoughts as well.  However, it could be new information and since it is on a
DoD
computer, what "it" is might have been withheld but I don't think thath's the
case.

In just a few paragraphs it is called; spyware, virus and keylogger.

The reason I think this isn't true is the following...
"We keep wiping it off, and it keeps coming back," Wired quoted a source as
saying. "We
think it's benign. But we just don't know."

If it is a keylogger then it can't be benign as well as the fact the source is
stating "We
keep wiping it off".  DoD computers can't be cleaned, they *must* be re-imaged.

There will be no "software cleaner sought".  They will rely on heaviliy on HBSS
for
prevention and re-imaging if there is the slightest possibility of a compromised
system.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: Computer virus infects drone plane command centre in US! Software cleaner sought!

David H. Lipman wrote:
Quoted text here. Click to load it
There's a slashdot article suggesting that it is their very own spyware
to spy on the operators.

Aside, I saw an article being advertised right next to one of the
articles about this so-called virus about Kelly Richards (online work
scam). The article states that she is from my home town. Not
surprisingly the javascript source indicated that she is from geoip. LOL

http://careerpathjournal.com/g02/?c=12&alert=off

Is she from your hometown too?



Re: Computer virus infects drone plane command centre in US! Software cleaner sought!

FromTheRafters wrote:

Quoted text here. Click to load it

Heh, disable JavaScript and:

"Your Location Mom Makes $6,795/Month
And You Won't Believe How She Does It!"

and the second paragraph defaults to "New Jersey."   <lol>
With JavaScript enabled, the geoip misses my location by 50 miles.

--
   -bts
   -This space for rent, but the price is high

Re: Computer virus infects drone plane command centre in US! Software cleaner sought!

Beauregard T. Shagnasty wrote:
Quoted text here. Click to load it
I like how the link for it was just sitting there like a YouTube
'related video' next to the "Drone Virus" article. Maybe the same
algorithm is used "People who believed that, might also believe this" LOL.

Re: Computer virus infects drone plane command centre in US! Software cleaner sought!


Quoted text here. Click to load it

Sollentuna, Sweden Mom Makes $6,795/Month And You Won't Believe How She Does It!

We just had to find out... So we set out to do some research ourselves. We came
across a
blog by Kelly Richards of Sollentuna, Sweden.

and...

Göteborg, Sweden Mom Makes $6,795/Month And You Won't Believe How She Does It!

We just had to find out... So we set out to do some research ourselves. We came
across a
blog by Kelly Richards of Göteborg, Sweden.

and...

San Francisco, California Mom Makes $6,795/Month And You Won't Believe How She
Does It!

We just had to find out... So we set out to do some research ourselves. We came
across a
blog by Kelly Richards of San Francisco, California.

and...

Knivsta, Sweden Mom Makes $6,795/Month And You Won't Believe How She Does It!

We just had to find out... So we set out to do some research ourselves. We came
across a
blog by Kelly Richards of Knivsta, Sweden.

and...

Montreal, Canada Mom Makes $6,795/Month And You Won't Believe How She Does It!

We just had to find out... So we set out to do some research ourselves. We came
across a
blog by Kelly Richards of Montreal, Canada.

--------------

Kelly Richards sure does have a lot of residencies  ;-)



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: Computer virus infects drone plane command centre in US! Software cleaner sought!

David H. Lipman wrote:
Quoted text here. Click to load it

Coincidence perhaps, such a common name? :oD

Quoted text here. Click to load it

I was thinking of firing up Tor to tour the world looking for Kelly.


Re: Computer virus infects drone plane command centre in US! Software cleaner sought!


Quoted text here. Click to load it

You'll get similar Torified results.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: Computer virus infects drone plane command centre in US! Software cleaner sought!


| David H. Lipman wrote:
Quoted text here. Click to load it
| There's a slashdot article suggesting that it is their very own spyware
| to spy on the operators.
|

I'm still hard pressed for real data.  Take the following for example...
http://www.eweek.com/c/a/Security/US-Strategic-Drone-Fleet-Infected-by-Stealthy-Keylogger-Malware-561651 /

"Ever since the WikiLeaks data breach, when hundreds of thousands of U.S.
diplomatic cables were leaked, the use of removable drives has been
restricted, except at Creech and a few other Air Force bases. "

I won't speak for CAFB specifically but, that is NOT true.  It was the
Win32/Agent.BTZ worm that casued a DoD wide ban on the use of  "USB Mass
Storage Devices" by IAVA and DoD directive, which CAFB must be in compliance
with on both NIPR, SIPR and weapon systems.  If CAFB was NOT following the
direcetives using GPO to block "USB Mass Storage Devices" and did not get a
formal waiver, then AF heads will roll.  If they had a waiver for the ban on
the use of  "USB Mass Storage Devices" and they did get infected through
this attaic vector then AF heads will still roll.

The "U.S. diplomatic cables" referred to were on the US State Deparment's
SIPRnet portal.  The exfiltration of the diplomatic cables initiated a
different set of directives and since they concern the SIPR, I'll stop
there.

Apparently, there "may" have been an event at CAFB.  However the only
information, and it remain uncorrobareted, is from Wired eZine and all
others are going off that data.

The following seems to be more in line of reality...

http://threatpost.com/en_us/blogs/report-virus-infects-us-military-drones-100811

"In some cases, systems had to have their hard drives erased and
applications and data restored to remove the infection."

However, it should NEVER be "in some cases" it should be "in ALL cases" if
they are properly following DoD and AF regulations.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp


Site Timeline