Russian hackers are using Twitter as an ultra-stealthy way of concealing their intrusions into sensitive Western government computer systems — a new surveillance technique that blends cutting-edge digital engineering with old-fashioned spy tradecraft.
The hackers use images uploaded to the social media site to send messages and directions to malware — or malicious software — with which they have infected target computers.
The value of using Twitter as a means to control the malware — which may direct computers to steal files or other unintended operations — is that it is virtually invisible to most detection systems, appearing instead like myriad other visits users make to the social networking site.
A new report from the cyber security firm FireEye released on Wednesday identifies the new malware for the first time publicly, which it has nicknamed “Hammertoss”.
FireEye says it has “high confidence” that Russian agents are behind the project.
“It’s really an example of how innovative and thoughtful threat groups are becoming,” said Jen Weedon, manager at FireEye’s threat intelligence group. “They are leveraging all of these credentials and services. It’s artistry. This is clearly not malware that is being built without thought.”
For all its digital sophistication, the principles behind Hammertoss are reminiscent of the low-tech spy signals of the Cold War — chalk marks on trees or dead-letter boxes. In essence, the social media site allows Russia’s cyber warriors to communicate with their agents in plain sight and under the noses of those on the lookout for unusual behaviour or communications.
The malware, once embedded, performs a daily check for a specific Twitter account, the unique name of which is generated on each occasion by an inbuilt secret algorithm.
Hammertoss’s controllers, by possessing an identical algorithm, are able to know the name of the Twitter account the malware will look for each day. If they wish to issue a command to Hammertoss, they set up the account and post a tweet.
The tweet may look innocuous, but it will contain a link to an image. The image has a secret message for Hammertoss encoded within it — another Cold War technique known as steganography.
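The daily lookup described above leaves a pattern that can be hunted for in web-proxy logs: a host that requests a different, never-reused Twitter handle on several consecutive days. The following detection example is added here and is not taken from the FireEye report; the log format, host names, handles and the four-day threshold are assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed proxy-log sample: (day, internal host, path requested on twitter.com).
# Hosts and handles are invented for this example.
SAMPLE_LOG = [
    ("2015-07-20", "ws-014", "/qzt81aa"), ("2015-07-20", "ws-014", "/newsdesk"),
    ("2015-07-21", "ws-014", "/mvr42bb"), ("2015-07-21", "ws-022", "/newsdesk"),
    ("2015-07-22", "ws-014", "/hpd93cc"), ("2015-07-22", "ws-022", "/conf_talk"),
    ("2015-07-23", "ws-014", "/ykl07dd"), ("2015-07-23", "ws-022", "/newsdesk"),
    ("2015-07-24", "ws-014", "/bns55ee"), ("2015-07-24", "ws-014", "/newsdesk"),
]

def longest_daily_run(days):
    """Length of the longest streak of consecutive calendar days in `days`."""
    best = run = 0
    prev = None
    for d in sorted(days):
        run = run + 1 if prev is not None and (d - prev).days == 1 else 1
        best = max(best, run)
        prev = d
    return best

def flag_rotating_handle_hosts(log, min_days=4):
    """Return {host: streak} for hosts that hit a new single-use handle daily."""
    seen_days = defaultdict(set)    # (host, handle) -> days it was requested
    seen_hosts = defaultdict(set)   # handle -> hosts that requested it
    for day, host, path in log:
        handle = path.strip("/").split("/")[0].lower()
        if not handle:
            continue
        seen_days[(host, handle)].add(date.fromisoformat(day))
        seen_hosts[handle].add(host)

    # A handle is "single-use" if one host requested it on exactly one day
    # and no other host in the organisation ever requested it.
    one_off_days = defaultdict(set)  # host -> days with a single-use handle
    for (host, handle), days in seen_days.items():
        if len(days) == 1 and len(seen_hosts[handle]) == 1:
            one_off_days[host] |= days

    streaks = {h: longest_daily_run(d) for h, d in one_off_days.items()}
    return {h: n for h, n in streaks.items() if n >= min_days}

if __name__ == "__main__":
    print(flag_rotating_handle_hosts(SAMPLE_LOG))
```

Ordinary browsing tends to revisit the same accounts, so handles that recur or are shared across hosts are excluded before the streak is measured.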
Another Russian malware family, known as MiniDuke, also used Twitter for certain command and control operations, but unlike Hammertoss, was limited to communications with a limited number of specific, pre-established accounts.