[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 29/05/12 21:54, Roland Tarver wrote: > > Any one got any comments on this? Seen a lot of reports claiming it is "so complex" it must be a national government. This has more details than most, but that it uses LUA and SQLLite, nor being 20MB in size (indeed it strikes me it is rather big for the purpose of not being detected), suggest highly skilled engineers or national governments. Not saying it isn't well engineered, just that there isn't enough evidence in the reports. Mostly it tells you that current anti-malware practice isn't terribly good, in that it went undetected for so long. Nothing I've seen discusses how it gets the data it steals back, presumably this to is a pluggable module (would make sense), so possibly it varies with installation. Nor how it is so targeted if it spreads in virus like fashion. I suspect those two are rather sensitive bits of information for those infected. Plenty of well funded organisations are interested in the Iranian oil ministry and middle Eastern politics, they are call oil companies or investment companies that trade in the oil markets. Indeed these days a lot of them have more money than many national governments, or at least less debt. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq