> It does not use virtual machine-based obfuscation, novel techniques for anti-debugging, or anything else to make it different from the hundreds of malware samples found every day.
Okay? … simplicity is a virtue.
They also addressed that, to where we don’t know what most of their malware even does:
>> The name originated from the group's extensive use of encryption. By 2015, Kaspersky documented 500 malware infections by the group in at least 42 countries, while acknowledging that the actual number could be in the tens of thousands due to its self-terminating protocol.
> The longer they remained undetected, the more systems that could be attacked and the longer Stuxnet could continue evolving as a deployment platform for follow-on worms.
Stuxnet wasn’t meant as a long-term penetration: they hit a specific target with a one-time cyber weapon.
For reference, when their tools leaked in 2016, exploits from 2013 were still zero-days.
>> In August 2016, a hacking group calling itself "The Shadow Brokers" announced that it had stolen malware code from the Equation Group. […] The most recent dates of the stolen files are from June 2013, thus prompting Edward Snowden to speculate that a likely lockdown resulting from his leak of the NSA's global and domestic surveillance efforts stopped The Shadow Brokers' breach of the Equation Group.
Source:
https://en.wikipedia.org/wiki/Equation_Group