A Smokescreen for Brad Smith

posted by Roy Schestowitz on Jun 15, 2024

Context: Microsoft Needs to be Banned From Contracts, Including Government Contracts, Not Just for Security Failings But for Criminal Negligence, Corruption, and Fatal Cover-ups

As Cory Doctorow has put it, "Microsoft pinky swears that THIS TIME they'll make security a priority" (like Mark Zuckerberg with privacy).

Several weeks ago we repeatedly asserted that ahead of the grilling of Microsoft (for getting totally cracked by both Russia and China, then trying to hide it from those affected) the Microsoft-connected media will likely create some "decoy", deflecting or passing attention to "Linux". It's usually timed that way, as the Fear, Uncertainty, Doubt (FUD) can change both the focus and the nature of the dialogue/discourse online. Around the very same time Brad Smith spoke nonsense we were checking to see what media was not paying attention or instead shifting attention. A friend said it was "maybe worth 'pre-bunking' as Microsoft is on the rocks for its decades-long failure to address even basic security needs."

On the same day as the Smith grilling we saw "Linux" mentioned in relation to Noodle RAT [1,2] (see editorial comments in-line at the bottom), which is actually a Windows problem. "As usual," an associate noted, "the articles give zero details in any way about how to detect or mitigate the problem and, of course, greatly exaggerate the ease and scope of its spread in the wild."

The following day some media said it was "Windows and Linux" [3,4], but it still provided no substantial details. Maybe the key point was to say "Linux is not secure either" or "Windows and Linux are equally vulnerable", so don't bother dumping Microsoft. █

Related/contextual items from the news:

1. InfoSecurity Magazine ☛ Chinese Hackers Leveraging 'Noodle RAT' Backdoor [Ed: Windows issue spun as "Linux", even if Linux has nothing to do with it and the focus should be Windows]

   A backdoor in Executable and Linkable Format (ELF) files used by Chinese hackers has wrongly been identified as a variant of existing malware for years, Trend Micro claimed in a new report.

   In Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups, a blog post based on a Botconf 2024 presentation, Trend Micro Research introduced Noodle RAT, a remote access Trojan used by Chinese-speaking groups engaged in either espionage or cybercrime.

2. Trend Micro ☛ Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups [Ed: This is a Windows issue and Linux isn't the source of the problem]

   Since 2022, we have been investigating numerous targeted attacks in the Asia-Pacific region that used the same ELF backdoor. Most vendors identify this backdoor as a variant of existing malware such as Gh0st RAT or Rekoobe. However, we unearthed the truth: this backdoor is not merely a variant of existing malware, but is a new type altogether. We suspect it is being used by Chinese-speaking groups engaged in either espionage or cybercrime. We dubbed this formerly undocumented malware as “Noodle RAT.”

3. New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems

   A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years.

4. This dangerous new form of malware is attacking Windows and Linux systems alike

   Noodle RAT malware was flying under the radar for almost a decade