By Chris Soghoian / Wired, February 22, 2019 05:07:37
An organization working with the US Department of Homeland Security and the Federal Bureau of Investigation has uncovered a “massive” network of “malware” and “rogue” computer servers in an MIT data center, according to Wired.
The researchers say they have also found evidence that a handful of other companies are operating infected machines.
The research, led by security researcher and cybersecurity expert Sam Clovis, uncovered the malware, which is apparently being hosted on servers owned by an unnamed company.
It is also being hosted by a company owned by a former employee of Google, which Clovis said is part of a larger scheme to target government data.
Clovis also said the researchers have discovered a “diverse” set of malicious software that he suspects includes viruses and spyware, which he called “the biggest threat in the US.”
The research team, led in part by security expert Sam Boulware, says it has identified more than 500 malicious machines and about 50 malicious domains.
The malware appears to be part of an attack on the University of Pennsylvania’s Information Security Center, which runs the university’s information security labs and is part of the Department of Defense’s Center for Cybersecurity.
Boulware, Clovis and colleagues also say the malware appears in multiple other computer systems in the vicinity of the University’s Information Science and Engineering Center.
The MIT researchers, who say they have identified more malicious software than they could have possibly expected, are still trying to determine who is behind the attacks.
They have not released the malware publicly, but Clovis’s blog post makes clear that it was made in the company’s C# and Visual Basic code.
They also claim to have found data from the company that they believe they have not publicly disclosed.
The University of Michigan’s Information Sciences Technology Institute, where Clovis’s research is conducted, also appears to have been targeted by the malware.
Clovis said he was contacted by a man who claimed he worked at the Information Sciences Center, who was not available for comment.
The man said he worked in a department called Information Security and he had a copy of the files that were stolen.
He told Clovis that he had to go to a man named Robert, who he said was a member of a company called DataBreach, to get the data back.
Clovis said he also contacted the man and he claimed he was in charge of a group called “The Big Brother Team.”
Clovis said that Robert told him that the data had been moved to a different server, and that the man was “working on a new scheme” that involved a new company called Cloudflare, which also hosted the data.
According to Clovis’s blog, Cloudflare’s founder and CEO Matthew Prince and other executives are believed to be the operators of the “rogue” machines, which were not listed as having been breached by the attack.
Clovis says the malware that was found at MIT is being hosted in a database owned by Cloudflash, a company that hosts other malicious software, including Trojans and spy software.
Clovis also says that Cloudflash’s malware has been detected in more than a dozen other corporate networks, including the U.S. Army’s Joint Cyber Warfare Center, and the Pentagon’s Information Systems Center, where the FBI’s National Security Agency also operates.
Cloudflash’s malware is also reportedly being used by the Israeli government to collect data.
Cloudflare has previously been accused of running a malware network that was used by Israeli spies to spy on Palestinian citizens in the West Bank and the Gaza Strip.
Clovis said it appears that Cloudflash is using a similar approach to malware.
“It’s really not surprising,” Clovis said of Cloudflare’s actions.
“They are in this industry because they are willing to do what’s necessary to collect as much data as possible.”
Clovis, who is a former hacker and researcher at the Defense Department’s Information Warfare Center in the 1990s, says the attackers appear to be using a variety of techniques to infect machines, including network manipulation, the installation of malicious programs, the taking of data from other machines, and using malware that exploits an application vulnerability to infect the machine.
The hackers are also reportedly using exploits in the Adobe Flash Player plug-in to attack computers running on Windows systems.
“The more malware that’s on the network, the easier it is for the attacker to find a vulnerability,” Clovis told Wired.
“In the case of Flash, we’re seeing exploits in Flash that are really useful to them, because Flash is a very easy target.”
Clovis also said that there are “signs that we’re dealing with a threat.”
“It looks like they’re trying to break into our data center,” he said.
“That’s a concern.”
Clovis also said he believes the attackers are using