The NSA’s secret malware domains

Wired reports: The names suggest a parade of a C-list websites. There was NewJunk4U.com and Monster-Ads.net, CoffeeHausBlog.com and SuddenPlot.com. But, these sad-sounding domains actually were artful creations of the National Security Agency: They were fronts for distributing and controlling government malware around the world.

Those domains and 109 others came to light last month as part of the “Equation Group” report from anti-virus vendor Kaspersky. Researchers at Kaspersky identified 300 such domains, and published 113 of them.

The NSA’s malware domains always have been a closely guarded secret—it’s the kind of direct, actionable information that can expose even old cyber espionage operations. Now the agency is in an awkward position: What should it do with these domains now that their covers have been blown? The domains were chosen to look legitimate, which means the US government is effectively cyber squatting on a sizable portfolio of names like newjunk4u.com and businessdealsblog.com that are no longer useful for espionage, but potentially valuable for business. [Continue reading…]

Facebooktwittermail