A report published on Tuesday by the well-known Russian security firm Kaspersky Labs revealed that Iran is one of the countries most heavily hit by a new piece of malware.
The Moscow-based firm said a group calling itself the Equation Group has primarily targeted Iran, Russia and Venezuela, among others, with the new malware. The company uncovered the hack when many of the computers running its anti-virus software began showing the virus file.
The Equation Group has supposedly been active since 1996. The hacking tool the group has been spotted using is based on a hard-drive firmware hack. Kaspersky Labs says that it exceeds anything they have ever seen before.
The security firm recovered two plug-ins from the Equation Group’s malware that are able to reprogram the firmware of hard drives.
The malware is almost invisible and very resistant to removal: it survives reformatting and reinstallation of the operating system. The HDD firmware hack works with major HDD brands including Seagate, Maxtor, Western Digital, Toshiba and Samsung.
“Another dangerous thing is that once the hard drive gets infected with this malicious payload, it is impossible to scan its firmware,” says Costin Raiu, Director of the Global Research team.
“To put it simply: for most hard drives there are functions to write into the hardware firmware area, but there are no functions to read it back. It means that we are practically blind, and cannot detect hard drives that have been infected by this malware.”