The team of malicious actors is dubbed the "Equation Group" by researchers from Moscow-based Kaspersky Lab, who describe them as "probably one of the most sophisticated cyber attack groups in the world," and "the most advanced threat actor we have seen."
This hacker group, known as the Equation Group,
Russian security experts reportedly uncovered state-created spyware hidden in the hard drive firmware of more than a dozen of the largest manufacturers' brands in the industry, including Samsung, Western Digital, Seagate, Maxtor, Toshiba and Hitachi.
These infected hard drives would have given the cyber criminals persistence on victims' computers and allowed them to set up secret data stores on the machines, which are accessible only to the malicious hackers.
including Samsung, WD, Seagate, Maxtor, Toshiba, and Hitachi.
One of the most sophisticated features of these notorious hacking tools is the ability to infect not just the files stored on a hard drive, but also the firmware controlling the hard drive itself. The malware is hidden deep within hard drives in such a way that it is difficult to detect or remove.
If present, once the victim inserts that infected storage (such as a CD or USB drive) into an internet-connected PC, the malicious code allows hackers to snoop on victims' data and map their networks that would otherwise be inaccessible.
if an infected CD or USB drive is inserted into an internet-connected computer,
Such an exploit could survive a complete hard drive wipe, or the re-installation of an operating system, and "exceeds anything we have ever seen before,"
The firm recovered two modules belonging to the Equation Group, dubbed EquationDrug and GrayFish. Both were used to reprogram hard drives to give the malicious hackers the ability to persistently control a target machine.
This malware includes two modules, EquationDrug and GrayFish,
GrayFish can install itself into a computer's boot record — software code that loads before the operating system itself — and stores all of its data inside a portion of the operating system known as the registry, where configuration data is normally stored.
GrayFish can install itself into the computer's boot record,
and store its data in the operating system's registry.
EquationDrug, on the other hand, was designed to be used on older versions of Windows operating systems, and "some of the plugins were designed originally for use on Windows 95/98/ME" — very old versions of Windows that offer a good indication of the Equation Group's age.
EquationDrug, by contrast, was designed for use on early Windows operating systems,
and some of its plugins were even designed for use on Windows 95/98/Me,
which also shows that the Equation Group has been around for quite some time.
Security researchers are calling the malware the "ancestor" of Stuxnet and Flame, the most sophisticated and powerful threats that were specially designed to spy on and sabotage ICS and SCADA systems.
Security researchers regard this malware as the prototype of the Stuxnet and Flame malware.
Kaspersky declined to publicly name the country or agency behind the spying campaign, but said it was closely linked to Stuxnet — the NSA-led cyberweapon that was used to sabotage Iran's uranium enrichment facility.
Kaspersky did not state who backs the Equation Group,
but said it is closely linked to Stuxnet (the tool the NSA used to attack Iran's nuclear power plant).
Another reason is that most of the infections discovered by the Moscow-based security firm have occurred in countries that are frequently US spying targets, such as China, Iran, Pakistan and Russia.
For its part, the NSA declined to comment on the report.