That was a pretty good paper. I really wanted to know a lot more about the hard drive flashing stuff, but it doesn't look like it's pretty damned rare. Some of the strings inside the compiled code seem to mention HDD manufacturers, and firmware commands.
NSA is mentioned a lot in the article (and others), but the actual paper makes no such claims. In fact, when discussing a deployment method using available BBS software, it was mentioned specifically...
...that the attackers have taken special care not to infect users visiting from certain ISPs in these countries [Jordan, Turkey, Egypt]...
So, there's that. There's all sorts of clever programming groups out there.
That was a pretty good paper. I really wanted to know a lot more about the hard drive flashing stuff, but it doesn't look like it's pretty damned rare. Some of the strings inside the compiled code seem to mention HDD manufacturers, and firmware commands.
NSA is mentioned a lot in the article (and others), but the actual paper makes no such claims. In fact, when discussing a deployment method using available BBS software, it was mentioned specifically...
So, there's that. There's all sorts of clever programming groups out there.