In a leaked "weaponized information" catalog, Indian cyberarms dealer offers blackest-ever SEO

In 2014, an Indian company called Aglaya brought a 20-page brochure to ISS World (AKA the Wiretappers' Ball — the annual trade fair where governments shop for surveillance technology): the brochure laid out the company's offerings, which ranged from mobile malware for Ios and Android to a unique "Weaponized Information" selection that combined denial-of-service with disinformation to "discredit a target" online.

Aglaya's Weaponized Information service includes "polluting internet search results and popular forums such as Facebook, Twitter, Pintrest, etc," as well as "traps" "false data on blogs," "false flag operations," "leak confidential information to press and bloggers worldwide," "post bad reviews," "send false information to contacts," and "stop deals/ruin relationships."

They also offered to launch targeted denial of service attacks as a kind of "censorship as a service" for €600/day.

Scaling up from these offers, Aglaya also offered to attack a rival nation's "manufacturing," "power grid," and "critical network infrastructure" for €1M. At €2M, Aglaya would sell you 0-days for Siemens control systems.

On Motherboard, Lorenzo Franceschi-Bicchierai speculates that some of these offerings are bullshit ("exaggerated or completely made-up") but says that the real point is that there is a market for this kind of service, which suggests that there are other vendors who are less careless with their brochures.

Aglaya says it doesn't really offer this stuff, at least not anymore — they say that they produced this brochure for a single customer (they don't know who the customer was, they were working through a middleman) who didn't buy, and they regret even going to ISS World because it was a waste of time and money. Sounds legit.

Aglaya insists that it's not a malware vendor, but others the industry say it does do business selling vulns, and it's pretty lame, too. They say that they've seen Aglaya malware in the wild whose code contains Aglaya's name (a major opsec failure), and that the company favors the tactic of sending hacked Iphones to targets with notes claiming that the target has won the phone in a contest, inviting them to start using it right away.

"I would go the distance to aim to convince you that we are not a part of this market and unintentionally underwent a marketing event at the wrong trade-show," he added.

When asked a series of more detailed questions, however, Srivastava refused to elaborate, instead reiterating that Aglaya never did any business as a government hacking contractor and that attending ISS was "an exercise of time and money, albeit, in futility." He complained that his company's failure was likely due to the fact that it is not based "in the West," hypothesizing that most customers want "western" suppliers.

Asked for the identity of the potential customer who showed interest for these services, Srivastava said he did not know, claiming he only dealt with a reseller, an "agent" from South America who "claimed to have global connections" and "was interested in anything and everything."

This Leaked Catalog Offers 'Weaponized Information' That Can Flood the Web [Lorenzo Franceschi-Bicchierai/Motherboard]

(via Schneier)