
We've Just Discovered Insane New Government-Made Malware

We're not sure if the malicious code came from the U.S. or Mordor. 

Researchers have found advanced malware that can steal encryption keys, collect information from air-gapped computers, and record someone’s keystrokes without being detected. The researchers have no idea who designed the malware, named Project Sauron, but it’s so sophisticated they’re convinced it must be a “nation-level” organization. Instead of pointing fingers (or respecting Lord of the Rings lore), they’re calling Project Sauron’s creator “Strider.”

Project Sauron was outlined in two reports, one from Kaspersky Lab and the other from Symantec.

Both security firms marvel at its complexity:

“The threat actor behind [Project Sauron] commands a top-of-the-top modular cyber-espionage platform in terms of technical sophistication,” Kaspersky Lab writes in its paper on the tool, “designed to enable long-term campaigns through stealthy survival mechanisms coupled with multiple exfiltration methods.”

Which means it probably wasn’t created by a small group of people doing whatever the hell they’re doing in this ridiculous “hacking” scene from Arrow:

Instead, Kaspersky and Symantec think that “Strider” is probably directly affiliated with a major world government. The two security research firms aren’t pointing fingers at the United States, but for the most part, Project Sauron’s targets aren’t friends of America.


Kaspersky Lab found the malware lurking on computers in Russia, Iran, and Rwanda; Symantec also found it on devices in Belgium, Sweden, and China. Project Sauron is said to have targeted government embassies, telecom companies, scientific research centers, and an airline, among other groups.

Project Sauron has been lurking on unsuspecting computers for quite a while, learning from its predecessors like Flame, Duqu, and other sophisticated malware programs. It’s an extraordinary piece of code, and both Symantec and Kaspersky are reasonably certain that “Strider” is being run by a national government.

“Strider is capable of creating custom malware tools and has operated below the radar for at least five years,” Symantec writes in its report on the sophisticated malware. “Based on the espionage capabilities of its malware and the nature of its known targets, it is possible that the group is a nation-state level attacker.”

Project Sauron was built to evade detection by using different file sizes, names, and modules for each target, which makes it hard for researchers to identify it.

“The attackers clearly understand that we as researchers are always looking for patterns. Remove the patterns and the operation will be harder to discover,” Kaspersky Lab writes in its report. “We are aware of more than 30 organisations attacked but we are sure that this is just a tiny tip of the iceberg.”

That could have serious implications for Strider, whoever it may turn out to be. North Korea faced enormous backlash after it was accused of hacking Sony in 2014 and, potentially, continuing to target other groups in the years since then.

If Strider does turn out to be American, it wouldn’t be the first time the U.S. has deployed a hack on this scale. The infamous Stuxnet virus, said to have been created by the U.S. and Israel, caused serious physical damage to Iran’s nuclear facilities (it overloaded some sensitive centrifuges and stuff blew up). It could only be a matter of time before Iran finally retaliates.

These incidents, along with many others, raise an important question about where hacking falls on the scale between “crime” and “declaration of war.” Until that’s decided, every hack is a gamble.

Of course, that’s only true if Project Sauron’s creation can be attributed to any one nation-state in particular, and that probably isn’t going to happen anytime soon. Though there’s probably plenty of finger-pointing going on behind closed doors, there isn’t enough public information to unmask Strider yet. But Project Sauron is written in English, it’s sophisticated enough to evade researchers for five years, and it targeted people in important positions.

“Attribution is hard and reliable attribution is rarely possible in cyberspace. Even with confidence in various indicators and apparent attacker mistakes, there is a greater likelihood that these are smoke and mirrors created by an attacker with a greater vantage point and vast resources,” Kaspersky Lab writes in a blog post. “When dealing with the most advanced threat actors, as is the case with [Project Sauron], attribution becomes an unsolvable problem.”

For now, Strider shall remain in the shadows.

Media via Getty Images / Adam Berry
