Our server costs ~$56 per month to run. Please consider donating or becoming a Patron to help keep the site running. Help us gain new members by following us on Twitter and liking our page on Facebook!
Current time: December 18, 2024, 12:59 am

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
SolarWinds Russian Hack - is it reasonable to believe it is real?
#1
SolarWinds Russian Hack - is it reasonable to believe it is real?
As most of you probably know, American media is reporting about some Russian hackers having hacked the SolarWinds servers and inserted a spyware in some of the SolarWinds most popular programs, and no antivirus program detected that spyware for almost a year. Do you think it is true?

As a third year computer science student, such a story sounds rather implausible to me. I mean, those supposed Russian hackers would need to be more skilled than programmers in Microsoft, Google, Motorola or Mozilla.
To Microsoft, it has occurred a few times that their innocent programs get misdetected as malware. In April 2010, McAfee misdetected SVCHOST from Windows XP SP3 as malware, leaving perhaps around a hundred thousand machines unable to boot. In December 2010, AVG misdetected CSRSS from 64-bit Windows 7 as malware, also leaving many machines unable to boot. And there have been a few other such cases, though not as devastating. To Google, it has occurred a few times that BoringSSL (part of Chrome that ciphers HTTPS traffic) gets misdetected as ransomware, leaving a large part of the Internet ciphered using flawed algorithms. To Motorola, it has occurred that their Bluetooth drivers get misdetected as malware. To Mozilla, it has occurred many times that SpiderMonkey (the JavaScript engine of the Firefox browser, using some advanced JIT-compilation techniques) gets misdetected as a virus (because AVs think it is self-replicating code).
So, if the programmers working at Microsoft, Google, Motorola and Mozilla have trouble making innocent programs that does not get detected by some antivirus software as malware, is not it kind of absurd to claim there are Russian hackers who can make actual malware that does that? It is obviously incredibly hard to make a good JavaScript engine that won't be detected as malware by some AV (since not even Mozilla can do it), so it must be significantly harder to make actual malware that won't be detected as malware by any AV, right?
Reply
#2
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
You really should get a formal education. It would expose you to ideas you are unaware of in your solitary ignorance.
[Image: extraordinarywoo-sig.jpg]
Reply
#3
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
Quote: I mean, those supposed Russian hackers would need to be more skilled than programmers in Microsoft, Google, Motorola or Mozilla.
They are. Of course, it helps that the US has a complicit president.
Boru
‘I can’t be having with this.’ - Esmeralda Weatherwax
Reply
#4
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
(December 20, 2020 at 4:03 pm)Angrboda Wrote: You really should get a formal education.  It would expose you to ideas you are unaware of in your solitary ignorance.

I am not sure what you mean, as I have mentioned I am a third-year computer science student.
Reply
#5
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
(December 20, 2020 at 4:17 pm)FlatAssembler Wrote:
(December 20, 2020 at 4:03 pm)Angrboda Wrote: You really should get a formal education.  It would expose you to ideas you are unaware of in your solitary ignorance.

I am not sure what you mean, as I have mentioned I am a third-year computer science student.

I have my facts confused then.
[Image: extraordinarywoo-sig.jpg]
Reply
#6
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
(December 20, 2020 at 3:59 pm)FlatAssembler Wrote: As most of you probably know, American media is reporting about some Russian hackers having hacked the SolarWinds servers and inserted a spyware in some of the SolarWinds most popular programs, and no antivirus program detected that spyware for almost a year. Do you think it is true?

As a third year computer science student, such a story sounds rather implausible to me. I mean, those supposed Russian hackers would need to be more skilled than programmers in Microsoft, Google, Motorola or Mozilla.

It is entirely possible.  That doesn't mean we really know the truth yet.

Hacking isn't easy for the average person.  The hackers out there build on exploits that have taken hundreds or thousands of hours each to find and.  They use toolkits floating around the darkweb that prey on un-patched systems.

Finding a new exploit is hit-and-miss, and takes time.  Creating an exploit gives a huge payoff, but takes a lot of planning.

Virus checkers are very poor at finding novel exploits.  They typically search for signatures of known viruses in code, as well as scan for changes in boot files.  They cannot search for new malicious code in actual programs that have been given permission to run.  Any program, when given access to run, can do key scans, open ports, search for files on the system.  Hack a trusted updater, and it has the permission to update programs.

Of course virus checkers can be updated to find the new threat, but only after it is analyzed and virus checkers updated.

Think of a virus scanner as your immune system.  It can only react to what it has been exposed to already.  A novel virus doesn't get caught.
Reply
#7
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
(December 20, 2020 at 4:17 pm)FlatAssembler Wrote:
(December 20, 2020 at 4:03 pm)Angrboda Wrote: You really should get a formal education.  It would expose you to ideas you are unaware of in your solitary ignorance.

I am not sure what you mean, as I have mentioned I am a third-year computer science student.

Third year student. I have 30 years of experience. You don't know what you don't know.
Reply
#8
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
At work.

(December 21, 2020 at 12:21 am)Jackalope Wrote:
(December 20, 2020 at 4:17 pm)FlatAssembler Wrote: I am not sure what you mean, as I have mentioned I am a third-year computer science student.

Third year student. I have 30 years of experience. You don't know what you don't know.

Yes, well. As some one who's 'Just an average Joe' I can but marvel in regards to someone who's studied computers for three years.

Why I oft times look at the bonnet of my car and wonder, "What's under there?" Tongue

Big Grin


Much cheers.
Reply
#9
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
(December 20, 2020 at 8:46 pm)HappySkeptic Wrote:
(December 20, 2020 at 3:59 pm)FlatAssembler Wrote: As most of you probably know, American media is reporting about some Russian hackers having hacked the SolarWinds servers and inserted a spyware in some of the SolarWinds most popular programs, and no antivirus program detected that spyware for almost a year. Do you think it is true?

As a third year computer science student, such a story sounds rather implausible to me. I mean, those supposed Russian hackers would need to be more skilled than programmers in Microsoft, Google, Motorola or Mozilla.

It is entirely possible.  That doesn't mean we really know the truth yet.

Hacking isn't easy for the average person.  The hackers out there build on exploits that have taken hundreds or thousands of hours each to find and.  They use toolkits floating around the darkweb that prey on un-patched systems.

Finding a new exploit is hit-and-miss, and takes time.  Creating an exploit gives a huge payoff, but takes a lot of planning.

Virus checkers are very poor at finding novel exploits.  They typically search for signatures of known viruses in code, as well as scan for changes in boot files.  They cannot search for new malicious code in actual programs that have been given permission to run.  Any program, when given access to run, can do key scans, open ports, search for files on the system.  Hack a trusted updater, and it has the permission to update programs.

Of course virus checkers can be updated to find the new threat, but only after it is analyzed and virus checkers updated.

Think of a virus scanner as your immune system.  It can only react to what it has been exposed to already.  A novel virus doesn't get caught.

But, obviously, antivirus programs are trying very hard to detect unknown malware. If they did not, false positives would not be a problem.

(December 20, 2020 at 4:10 pm)BrianSoddingBoru4 Wrote:
Quote: I mean, those supposed Russian hackers would need to be more skilled than programmers in Microsoft, Google, Motorola or Mozilla.
They are. Of course, it helps that the US has a complicit president.
Boru

But antivirus software don't care who is the president, do they?
Reply
#10
RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
(December 21, 2020 at 8:01 am)FlatAssembler Wrote:
(December 20, 2020 at 8:46 pm)HappySkeptic Wrote: It is entirely possible.  That doesn't mean we really know the truth yet.

Hacking isn't easy for the average person.  The hackers out there build on exploits that have taken hundreds or thousands of hours each to find and.  They use toolkits floating around the darkweb that prey on un-patched systems.

Finding a new exploit is hit-and-miss, and takes time.  Creating an exploit gives a huge payoff, but takes a lot of planning.

Virus checkers are very poor at finding novel exploits.  They typically search for signatures of known viruses in code, as well as scan for changes in boot files.  They cannot search for new malicious code in actual programs that have been given permission to run.  Any program, when given access to run, can do key scans, open ports, search for files on the system.  Hack a trusted updater, and it has the permission to update programs.

Of course virus checkers can be updated to find the new threat, but only after it is analyzed and virus checkers updated.

Think of a virus scanner as your immune system.  It can only react to what it has been exposed to already.  A novel virus doesn't get caught.

But, obviously, antivirus programs are trying very hard to detect unknown malware. If they did not, false positives would not be a problem.

(December 20, 2020 at 4:10 pm)BrianSoddingBoru4 Wrote: They are. Of course, it helps that the US has a complicit president.
Boru

But antivirus software don't care who is the president, do they?

No, but the people who create the virus software just might.

Boru
‘I can’t be having with this.’ - Esmeralda Weatherwax
Reply



Possibly Related Threads...
Thread Author Replies Views Last Post
  [Serious] Attack on Russian Concert Hall Ravenshire 11 1484 March 27, 2024 at 11:14 am
Last Post: The Grand Nudger
  Russian ransomware site... brewer 1 329 July 13, 2021 at 11:37 pm
Last Post: Fireball
  CNN- UN expert recommends Kushner change his phone after suspected Saudi hack WinterHold 1 658 January 25, 2020 at 6:04 am
Last Post: The Grand Nudger
  Russian Woman Reportedly Faces 6 Years in Prison for Insulting Memes about Xtians purplepurpose 1 669 October 16, 2018 at 5:31 am
Last Post: Gawdzilla Sama
  Shitheads, and Gun Nuts and Russian Bears, Oh My! Minimalist 6 1258 May 26, 2018 at 10:47 am
Last Post: tjakey
  NRA.... New Russian Allies. Brian37 49 10627 April 12, 2018 at 9:27 pm
Last Post: The Grand Nudger
  This Actually Seems Reasonable Minimalist 1 315 February 28, 2018 at 8:26 pm
Last Post: BrianSoddingBoru4
  FBI looking at potential transfers from Russian banker to NRA Gawdzilla Sama 17 2558 January 19, 2018 at 12:09 pm
Last Post: The Grand Nudger
  Real russian colusion Drich 35 7725 October 27, 2017 at 9:40 pm
Last Post: Crossless2.0
  Russian helicopter accidentally fires on bystanders Jello 6 1629 September 21, 2017 at 6:31 am
Last Post: Gawdzilla Sama



Users browsing this thread: 5 Guest(s)