Russian hackers are using Twitter as an ultra-stealthy way of concealing their intrusions into sensitive Western government computer systems — a new surveillance technique that blends cutting edge digital engineering with old-fashioned spy tradecraft.俄罗斯黑客于是以把Twitter用于一种超级不为人知的方式,隐蔽其侵略西方政府脆弱电脑系统的不道德,这种新的监控技术将先进设备的数字工程技术与老式的谍报技术融合在一起。The hackers use images uploaded to the social media site to send messages and directions to malware — or malicious software — with which they have infected target computers.黑客利用上载至Twitter的图片向植入到目标电脑中的恶意程序传递信息和指令。The value of using Twitter as a means to control the malware — which may direct computers to steal files or other unintended operations — is that it is virtually invisible to most detection systems, appearing instead like myriad other visits users make to the social networking site.把Twitter用于掌控这种恶意程序的方法,其益处在于,多数探测系统完全无法察觉到,看起来看起来用户在大量采访这家社交网站。
这种恶意软件可能会命令电脑窃取文件或展开其他意想不到的任务。A new report from the cyber security firm FireEye released on Wednesday identifies the new malware for the first time publicly, which it has nicknamed “Hammertoss”.网络安全机构FireEye周三公布的一份近期报告首次公开发表证实了这种新的恶意程序,绰号为“Hammertoss”。FireEye says it has “high confidence” that Russian agents are behind the project.FireEye回应,“高度猜测”俄罗斯特工是该计划的支持者。
“It’s really an example of how innovative and thoughtful threat groups are becoming,” said Jen Weedon, manager at FireEye’s threat intelligence group. “They are leveraging all of these credentials and services. It’s artistry. This is clearly not malware that is being built without thought.”“这显然指出这些的组织变为了多么创意且经过精心设计的威胁,”FireEye威胁情报组织经理詹威登(Jen Weedon)回应,“他们于是以利用所有这些资历和服务。这必须高超的技巧。这似乎不是没经过思维就创建一起的。”For all its digital sophistication, the principles behind Hammertoss are reminiscent of the low-tech spy signals of the Cold War — chalk marks on trees or dead-letter boxes. In essence, the social media site allows Russia’s cyber warriors to communicate with their agents in plain sight and under the noses of those on the look out for unusual behaviour or communications.尽管Hammertoss必须简单的数字技巧,但其背后的原则让人回想世界大战(Cold War)时期科技含量较低的间谍信号:树上的粉笔记号或者荒废的信箱。
大体而言,Twitter使得俄罗斯网络间谍以求在光天化日之下与他们的特工联系,而且就在那些监控不奇怪不道德或信息交流的机构的眼皮底下。The malware, once embedded, performs a daily check for a specific Twitter account, the unique name of which is generated on each occasion by an inbuilt secret algorithm.一旦植入这种恶意程序,它将每日查阅明确某个Twitter账号,内置的秘密算法不会每次分解独一无二的名字。
Hammertoss’s controllers, by possessing an identical algorithm, are able to know the name of the Twitter account the malware will look for each day. If they wish to issue a command to Hammertoss, they set up the account and post a tweet.Hammertoss的控制者通过处置某种程度的算法,就能知悉这种恶意软件将每天找寻的Twitter账号的名字。如果他们想要向Hammertoss发布命令,他们就创建一个账号,公布消息。
The tweet may look innocuous, but it will contain a link to an image. The image has a secret message for Hammertoss encoded within it — another Cold War technique known as steganography.这些消息有可能看起来没什么蓄意,但将在图片中隐蔽一个链接。图片中所含加密的秘密信息,这是世界大战中的另一种谍报技术:“隐写术”。Another Russian malware family, known as MiniDuke also used Twitter for certain command and control operations, but unlike Hammertoss, was limited to communications with a limited number of specific, pre-established accounts.俄罗斯的另一个恶意程序家族取名为MiniDuke,它也利用Twitter传送特定命令和掌控任务,但与Hammertoss有所不同的是,它仅限于与受限数量的提早设置的特定账户的信息沟通。
本文来源:博业体育-www.y-best.cn