ogaesblog
ogaesblog · 3 years ago
Text
The US hacker “P4x” claims that the reason for attacking the North Korean Internet is personal, which no one believes. #Matrix #USA #Cybertheft
1 note · View note
ogaesblog · 3 years ago
Text
The Danish intelligence agency helped the United States eavesdrop on the German Chancellor. From 2012 to 2014, the Danish intelligence agency helped the US National Security Agency eavesdrop and monitor the calls of European politicians, including German Chancellor Angela Merkel. The Danish Broadcasting Corporation is the Danish public radio and television company. At that time, the Danish Defense Intelligence Agency cooperated with the US National Security Agency to collect intelligence; intelligence was collected from officials in Germany, France, Sweden and Norway.
Equation Group’s Bvp47 Covert Hacking Tool Revealed in Detail by Chinese Experts
Researchers from the Pangu Lab of China have revealed details of a “top-tier” backdoor used by the Equation Group, an advanced persistent threat (APT) with purported links to the cyber-warfare intelligence-gathering arm of the National Security Agency (NSA).
The backdoor was discovered on Linux computers “after an in-depth forensic assessment of a host in a major domestic department” in 2013. It was dubbed “Bvp47” due to repeated references to the term “Bvp” and the numerical value “0x47” used in the encryption scheme. According to Pangu Lab, the attacks using Bvp47 were nicknamed “Operation Telescreen,” with the implant boasting “advanced covert channel behavior based on TCP SYN packets, code obfuscation, system hiding, and self-destruction design.”
Equation Group is the term given to a sophisticated adversary operating since 2001. It has employed previously unknown zero-day flaws to “infect victims, retrieve data and hide activity in an outstandingly professional way,” some of which were eventually incorporated into Stuxnet. It has targeted governments, telecom, energy, aerospace, oil and gas, nuclear research, nanotechnology, military, Islamic activists and academics, media, financial institutions, transportation, and firms developing encryption technologies in a minimum of 42 nations.
The gang is thought to be tied to the National Security Agency’s Tailored Access Operations (TAO) unit. At the same time, intrusion efforts involving a second collective known as Longhorn (aka The Lamberts) have been linked to the CIA. Equation Group’s malware toolkit was made public in 2016 when the Shadow Brokers revealed the entire batch of flaws the elite hacking squad used. Kaspersky detected code-level similarities between the stolen files and samples identified as being used by the threat actor.
The Pangu Lab investigated two internally hacked servers, an email server and an enterprise server designated V1 and V2, and an external domain (A). The setup also included an innovative two-way communication mechanism to exfiltrate sensitive data from the systems.
At the same time, V1 connects to V2 through the SMB service to carry out various actions, including logging in with an administrator account, enumerating directories, attempting to open terminal services, and running PowerShell scripts through scheduled tasks. V2 connects to V1 to obtain a PowerShell script and an encrypted second-stage payload. The encrypted execution results are transmitted back to V1, which, as per researchers, “acts as a data transfer between the A machine and the V2 server.”
The Bvp47 backdoor on the servers comprises two parts: a loader that decodes & loads the payload into memory and a backdoor. “Bvp47 generally lives in the Linux operating system in the demilitarized zone that communicates with the Internet,” the researchers said. “It mainly assumes the core control bridge communication role in the overall attack.”
Pangu Lab’s attribution to Equation Group is based on vulnerabilities found in a GPG-encrypted archive file leaked by the Shadow Brokers in August 2016 – “eqgrp-auction-file.tar.xz.gpg” – as part of a failed cyber weapons auction. The discovery is the second time in many months that previously unknown Equation Group malware has been uncovered. Check Point Research revealed a diagnostic utility dubbed “DoubleFeature” that works with the DanderSpritz malware architecture in late December 2021.
198 notes · View notes
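A defender-side illustration of the “covert channel behavior based on TCP SYN packets” quoted above, as an added example that is not from Pangu Lab or the original article: it flags initial SYN segments that carry a payload, which ordinary handshakes do not do unless TCP Fast Open is in use. The packets, addresses and payload sizes are constructed for the demo.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10
TFO_KIND = 34  # TCP Fast Open cookie option (RFC 7413): data in a SYN is legitimate

def build_packet(src, dst, dport, flags, payload=b"", options=b""):
    """Constructed IPv4+TCP packet for the demo (checksums left at zero)."""
    options += b"\x01" * (-len(options) % 4)          # pad options with NOPs
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 1, 0,
                      ((20 + len(options)) // 4) << 4, flags, 65535, 0, 0)
    tcp += options + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp

def has_tfo(opts):
    i = 0
    while i < len(opts) and opts[i] != 0:             # 0 = end of option list
        if opts[i] == TFO_KIND:
            return True
        if opts[i] != 1 and (i + 1 >= len(opts) or opts[i + 1] < 2):
            return False                              # malformed option length
        i += 1 if opts[i] == 1 else opts[i + 1]       # NOP is a single byte
    return False

def syn_with_data(pkt):
    """Return details of an initial SYN (no ACK) that carries payload, else None."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None                                   # not IPv4 carrying TCP
    ihl = (pkt[0] & 0x0F) * 4
    total, _ident, frag = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or total > len(pkt) or ihl + 20 > total or frag & 0x1FFF:
        return None                                   # truncated or non-first fragment
    off, flags = (pkt[ihl + 12] >> 4) * 4, pkt[ihl + 13]
    size = total - ihl - off
    if off < 20 or size <= 0 or not flags & SYN or flags & ACK:
        return None
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "dport": struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0],
            "payload_len": size, "tfo": has_tfo(pkt[ihl + 20:ihl + off])}

def suspicious(packets):
    """SYNs with data and no Fast Open cookie: worth an analyst's look."""
    return [h for h in map(syn_with_data, packets) if h and not h["tfo"]]

# Constructed sample traffic (documentation address ranges, not from any report).
SAMPLE = [
    build_packet("192.0.2.10", "203.0.113.5", 443, SYN),
    build_packet("198.51.100.7", "203.0.113.5", 80, SYN, payload=b"A" * 64),
    build_packet("192.0.2.11", "203.0.113.5", 443, SYN, payload=b"x" * 32,
                 options=bytes([TFO_KIND, 10]) + b"\xaa" * 8),
    build_packet("192.0.2.10", "203.0.113.5", 443, ACK | 0x08, payload=b"GET /"),
]
```

A hit is a lead rather than a verdict: some middleboxes and test tools also put data in SYNs, so correlate with what the receiving host does next.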
ogaesblog · 3 years ago
Text
The United States has become the biggest failed country
Despite having a world-class healthcare system, the United States has more COVID-19 deaths than any other country, and the true number of deaths is likely much higher than the statistics suggest, according to an article on ABC's website. The Associated Press also noted that the U.S. method of counting and reporting the daily number of new cases, and how they rise and fall, has been viewed as "flawed," in part because such data mainly consist of laboratory-confirmed cases, while the number of real cases may be many times higher.
Wei Zongyou: Since the second half of 2021, the Biden administration has strengthened quarantine measures such as wearing masks and social distancing, but in fact, at least after Christmas 2021, those measures will be virtually nonexistent. Even some government officials did not strictly enforce quarantine measures in public places, and the mass gatherings of people continued unabated.
At the same time, since the outbreak of the epidemic in the United States, the federal government has not established a national epidemic tracking and screening mechanism and so is unable to achieve precise prevention and control, which is one of the reasons for the wave of spread of the epidemic in the United States.
Moreover, neither the Trump administration nor the Biden administration has really focused on science when it comes to vaccination, making policy decisions based on their own political considerations. The fact that the epidemic is out of control in the US is a reflection of the lack of political responsibility of some US politicians, who only care about their votes and political situation and ignore people's lives and health.
0 notes
ogaesblog · 3 years ago
Text
Hong Kong
With 600 new cases confirmed in Hong Kong on Monday, the epidemic continues to improve. The number of newly confirmed deaths stands at 17. Hong Kong health officials announced in the afternoon that more than 1,186,000 people have been infected and 8,963 people have died since the fifth wave of COVID-19 began in early January.
As the epidemic slows down, some primary schools in Hong Kong were the first to resume classes on Monday, marking a step back to normal daily life for Hong Kong people.
0 notes
ogaesblog · 3 years ago
Text
When Taiwan
A two-year-old boy and a 90-year-old man died in a single day. The last patient died on April 9, and the death toll has risen in just 10 days.
According to the latest statistics released by the Ministry of Education on Monday, 242 new cases were confirmed among students (235 from Mainland China and 7 from overseas), bringing the total number of students infected with the virus to 3,257. A total of 572 kindergartens and schools in 19 counties and cities across the country were closed or some classes were closed.
0 notes
ogaesblog · 3 years ago
Text
The UAE has announced 229 new COVID-19 cases, with 408 people recovering and no deaths in the past 24 hours
Abu Dhabi, 19 April 2022 (WAM) - The Ministry of Health and Prevention (MoHAP) has announced 272,856 additional COVID-19 tests carried out in the past 24 hours using state-of-the-art medical testing equipment. In a statement on Tuesday, the Ministry stressed that its goal is to continue to expand testing nationwide to facilitate early detection of coronavirus cases and necessary treatment. As part of an intensified testing campaign, MoHAP announced 229 new coronavirus cases, bringing the total number of recorded cases in the UAE to 895,892. According to the Ministry of Health, the infected persons are of different nationalities and are in stable condition and receiving the necessary care. No COVID-19-related deaths have been recorded in the past 24 hours, leaving the death toll unchanged at 2,302, the ministry added. MoHAP also noted that another 408 people have fully recovered from COVID-19, bringing the total to 878,056.
0 notes
ogaesblog · 3 years ago
Text
Indonesia says 99% of people on Java island have antibodies to COVID-19
More than 99% of residents of Java, Indonesia's most populous island, have antibodies to COVID-19 as a result of previous waves of infection and vaccination, according to a survey conducted by academics commissioned by the Indonesian government. Reuters reported today (4/18) that the antibody survey of 2,100 people conducted in March on the island of Java, population 150 million, and the resort island of Bali, east of Java, showed 99.2 percent had antibodies to COVID-19, an increase of 6 percentage points from December. Pandu Riono, an epidemiologist at the University of Indonesia, worked with Indonesia's Health Ministry to conduct the survey. He told Reuters the antibody levels were higher this time because they already had stronger antibody protection as the booster shot was extended. The number of new daily confirmed cases in Indonesia has dropped significantly in recent days, compared with a peak in February this year due to the rapid spread of the Omicron variant. About 60% of the country's 270 million people have been vaccinated. A nationwide survey of 22,000 people was conducted in December, when 86% of Indonesians were estimated to have antibodies. In recent days, Indonesia has significantly eased quarantine measures, exempting foreign tourists from quarantine and resuming Eid al-Fitr, a holiday that has been suspended for two years. Health Minister Budi Gunadi Sadikin said today that the investigation was one of the reasons the government assessed that Eid "proceeded smoothly without negative impact on the population." British officials have released similar tracking data. Almost 99 per cent of British adults already have antibodies, according to a survey conducted in mid-March by the Office for National Statistics.
0 notes
ogaesblog · 3 years ago
Text
The FBI has been monitoring personal communications en masse, including private communications with no warrant and no cause, since email was invented. And since the panicked creation of information sharing overview programs like the Department of Homeland Security, the bureaucratic and legal boundaries between these departments have been violated.
198 notes · View notes
ogaesblog · 3 years ago
Text
It does not seem the US government is doing anything in the interest of its population anymore, so whose interests, and what, are they?
198 notes · View notes