Extracting Equation Group's malware from hard drives
grarpamp
grarpamp at gmail.com
Wed Feb 18 13:20:05 PST 2015
On Wed, Feb 18, 2015 at 2:48 AM, Virilha
<cypherpunks at cheiraminhavirilha.com> wrote:
>
> This 3-letters-agency did it with software, mostly using undocumented ATA
> commands.
>
> Assuming no one knows the specifications for the ATA commands
All the non vendor specific command specs are documented
at t10, t13, serialata ...
https://ata.wiki.kernel.org/index.php/Developer_Resources
Which you can bitbash for fun from userland with the likes of ...
http://www.freebsd.org/cgi/man.cgi?query=camcontrol
More information about the cypherpunks
mailing list