Extracting Equation Group's malware from hard drives

The Doctor drwho at virtadpt.net
Wed Feb 18 10:45:38 PST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 02/17/2015 04:56 PM, Alfie John wrote:

> Does anyone know of any tools to extract the Equation Group's
> malware from hard drive firmware?

- From talking with some folks who've dumped and reverse engineered
other kinds of firmware, the JTAG interface
(http://www.corelis.com/education/JTAG_Tutorial.htm) seems like it'd
be a good place to start.  That, and digging up the datasheets on as
many of the integrated circuits on the boards in question.

> Also, are there any public registries online to report and view 
> infections?

Not offhand.  I'd be curious, too.

- -- 
The Doctor [412/724/301/703/415] [ZS]

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Covalent bonding: Sharing is caring!

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----



More information about the cypherpunks mailing list