February 23, 2015

How the NSA’s Firmware Hacking Works and Why It’s So Unsettling

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen.

The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered.

