In the press

Media Inquiries: press@comae.com

Here’s What a Cyber War With Russia May Actually Look Like

Bloomberg
On this episode of Odd Lots, Joe Weisenthal and Tracy Alloway speak with Matt Suiche, a famous hacker and co-founder of Comae Technologies, about what a cyber war between Russia and the West may actually look like.

FBI Reached into Exchange Servers To Delete Hafnium Webshells

Redmondmag
Webshells now seem to be a reason for the FBI to access servers in the United States. That notion was suggested by Matt Suiche, a security researcher and Microsoft Most Valuable Professional, in this Twitter post.

In 'Sophisticated' Incident, Dozens of United Nations Servers Hacked

Time
Security researcher Matt Suiche, a French entrepreneur based in Dubai who founded the cybersecurity firm Comae Technologies, reviewed the report and said it appeared entry was gained through an anti-corruption tracker at the U.N. Office of Drugs and Crime.

UN hacked in apparent espionage operation: report

New York Post
Security researcher Matt Suiche, a French entrepreneur based in Dubai who founded the cybersecurity firm Comae Technologies , reviewed the report and said it appeared entry was gained through an anti-corruption tracker at the UN Office of Drugs and Crime.

Questions linger over investigation into Jeff Bezos’ hacking

AP News
Matt Suiche, a French entrepreneur based in Dubai who founded cybersecurity firm Comae Technologies, said the video file was presumably on the iPhone because the report showed a screenshot of it. If the file had been deleted, he said the report should have stated this or explained why it was not possible to retrieve it. “They’re not doing that. It shows poor quality of the investigation,” Suiche said.

Apple’s Lawsuit Against a Startup Shows How It Wants to Control the iPhone Hacking Market

VICE Motherboard
Matt Suiche, a well-known researcher who developed virtualization software in the past, tweeted: “Imagine what today's Cloud Computing landscape would look like if VMware had been sued by IBM or Microsoft back in 1998,”

Microsoft Slammed For Investment In Israeli Facial Recognition ‘Spying On Palestinians’

Forbes
Some have decried Microsoft’s backing of AnyVision. One critic, cybersecurity entrepreneur Matt Suiche, called the investment “scandalous.”

Despite reservations about NSA's Ghidra, experts see value

TechTarget
I understand the paranoia; we have seen security products with security bugs many times," Suiche said. "Whatever is software will have security bugs, that's the AppSec Murphy's Law. So backdoor or not, I'm sure we will see presentations where people find security bugs.

Signal Upgrade Process Leaves Unencrypted Messages on Disk

BleepingComputer
After this stage, hacker and security researcher Matt Suiche noticed that the app dumped the information in a location of his choosing without encrypting it first.

Google Promises Crackdown on 'Tech Support' Fraudsters

BankInfoSecurity
In one incident, shared by Matt Suiche, an incident response expert who runs Comae Technologies, fraudsters phoned a would-be victim - in reality, an information security expert

Cryptocurrency ads are still getting through Facebook’s ban

Mashable
But like many Facebook updates and actions, it's far from perfect. Tech founder Matthieu Suiche pointed out this Facebook ad last week that successfully broke through the rules by using "BITC0IN" in the shared text and article headline.

Cryptocurrency Ads Find Ways Around Facebook’s Ban

Bloomberg
In one recent ad, the "o" in "BITCOIN" was replaced with a zero, and the capital I’s were replaced with lowercase L’s. The tactic was noticed by French entrepreneur Matthieu Suiche on Twitter, who said he was surprised by the ban’s lack of sophistication.

Facebook Is Investigating Bitcoin Ads Bypassing Its New Ban

Motherboard
Matthieu Suiche, founder of cybersecurity startup Comae Technologies, tweeted a screenshot allegedly showing one of the offending ads on Saturday. The ad was likely intentionally misspelled, Suiche wrote, presumably to circumvent Facebook’s ban.

Hackers Have Walked Off With About 14% of Big Digital Currencies

Bloomberg
But in many ways they are no safer than any other software, Matt Suiche, who runs the blockchain security company Comae Technologies, said in a phone interview.

Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes

WashingtonPost
“For many days, people were classifying NotPetya as an actual ransomware,” said Matt Suiche, founder of Comae Technologies, a cybersecurity firm. “It took a few days for people to understand what it was doing” — that it was permanently wiping data, he said.

The Criminal Underworld Is Dropping Bitcoin for Another Currency

Forbes
Monero is now “one of the favorites, if not the favorite,” Matt Suiche, founder of Dubai-based security firm Comae Technologies, said in a phone interview.

US Blames North Korea For WannaCry

Forbes
Shortly after the attacks in May that crippled U.K. hospitals, infected medical equipment and caused widespread chaos, cybersecurity researchers from Google, Comae Technologies, Kaspersky Lab and Symantec all made technical links between the WannaCry malware and the Lazarus Group, a cyberespionage crew previously associated with North Korean-government operations.

Suiche Says Bitcoin Has Become So Mainstream [Video]

Bloomberg
Matt Suiche, founder of Comae Technologies, discusses bitcoin's popularity and security. He speaks on "Bloomberg Markets: Middle East."

Accidental' Bug May Have Frozen $280 Million Worth Of Digital Coin Ether In A Cryptocurrency Wallet

CNBC
Although Parity didn't disclose how much ether is currently frozen, French hacker Matt Suiche said in a blog post Tuesday that the code wipeout means that more than $280 million worth has been locked.

What'S Going On With Ethereum? $280M In Cryptocurrency 'Lost' Amid Security Scare

International Business Times
Matthieu Suiche, a security and cryptocurrency expert at Comae Technologies, said in a blog post that the bug in question had likely managed to escape an internal Parity code review.

Safety And Security‘Badrabbit’ Malware Targets Russia

PYMNTS
Prominent cybersecurity guru Matt Suiche both came to this conclusion within 24 hours of the attack, and it gels with officials’ gut instincts.

Badrabbit Attack Appeared To Be Months In Planning

DataBreachToday
Incident response expert Matt Suiche, managing director of Dubai-based Comae Technologies, says whoever launched BadRabbit appeared to possess the original source code for NotPetya. 'Many parts have been improved, deleted and rewritten,' he says via Twitter.

Bad Rabbit Ransomware Attacks Planned Long Ago

TechTarget
Matt Suiche, founder of Comae Technologies, noted on Twitter that the two ransomware variants had much more in common than most thought.

Nsa Cyberweapons Report Follows Kaspersky Transparency Plan

TechTarget
Matt Suiche, founder of managed threat detection company Comae Technologies, told SearchSecurity that the Kaspersky transparency 'initiative is good in general,' but said it might not be enough to prove they are innocent. It's hard (or impossible) to come back from allegations f(...)

Flying Cabs No Fiction In Dubai [Video]

CGTN
When it comes to software engineering, there is no way to actually verify it. Because, by definition, software always has vulnerabilities, because the software is being engineered by humans,” said Matt Suiche, founder of Comae Technologies.

I Was Hacked By Ransomware In The Global Cyber Attack - How Rubica Is The Answer

Reporter Expert
Security Researcher Matthieu Suiche noted that the latest attack was an “improved and more lethal version” of its predecessor, WannaCry. Suiche helped contain WannaCry’s spread with a kill switch he made to stop the attacks. He said that WannaCry had attempted to hit 80,000(...)

Someone Has Emptied The Ransom Accounts From The Wannacry Attack

CNN Tech
Law enforcement officials will be on the alert, tracking where the bitcoin goes, according to Matthieu Suiche, founder of Comae Technologie. Essentially, investigators will be able to see a trail of digital breadcrumbs leading from account to account.

Hackers Threaten 'Game Of Thrones' Episode Leaks

Bank Info Security
From a hack-attack timing standpoint - although it may be coincidence - HBO has recently been advertising for a senior information security manager on LinkedIn, according to incident response expert Matt Suiche.

Why Ukraine Deserves Cyberattack Help From The West

The Washington Times
While theories abound, well-known cyber security expert Matt Suiche and other analysts have come to a disturbing conclusion. Their analysis suggests that the main purpose of the attack was financial disruption and widespread destruction.

Trust But Verify: First Ethereum Decompiler Launched With Jp Morgan Project

The Cointelegraph
Comae Technologies recently announced at the DEF CON hacker conference in Las Vegas held on July 27 the launching of Porosity, the first ever decompiler for Ethereum Virtual Machine (EVM) integrated with JP Morgan's Quorum.

Who Are The Shadow Brokers? Signs Point To An Intelligence Insider

TechTarget
The Shadow Brokers dumps started relatively small, Suiche said; the first batch of free exploits included bugs in many common firewall products. The group later followed up with Solaris operating system exploits, as well as more detailed information on proposed Equation Group tar(...)

The World’S First Ethereum Decompiler Named ‘Porosity’ Launched

Coinspeaker
Matt Suiche, Comae Technologies founder, announced at the DefCon hacker conference held in Las Vegas yesterday a new solution – Porosity, the open-source EVM decompiler capable of deciphering the code that makes up executable distributed code contracts (EDCC).

The Porosity Decompiler Can Help Eliminate Costly Bugs

ETHNews
On July 27, 2017, at the DEF CON 25 hackathon conference, Comae Technologies founder, Matt Suiche revealed Porosity, a decompiler capable of deciphering the code that makes up executable distributed code contracts (EDCCs). Porosity lends itself well to debugging, as it can revert(...)

Cybersecurity Is A $81.7 Billion Market — And Startups Are Raking In The Dough

Business Insider UK
"The trend we see now is companies focusing on specific problems," said Matthieu Suiche, founder of Comae Technologies, a United Arab Emirates-based security company that helps organizations who have experienced breaches diagnose and recover from them. Suiche said he sees a futur(...)

First Ethereum Decompiler Launches With Jp Morgan Quorum Integration

Coindesk
As Porosity's launch comes in a month when ethereum smart contracts written for CoinDash, Parity and Veritaseum have all been hacked, Suiche thinks his chosen profession as a reverse engineer is about to see increased demand.

Shadowbrokers Remain An Enigma

Threat Post
Today at Black Hat, Matt Suiche of Comae Technologies who has done extensive work analyzing the ShadowBrokers, recapped the last year of activity around the group.

Hacking Group Shadowbrokers Raises Prices For Leaks

The Hill
An expert on the group, Matt Suiche, accused them of making false claims to boost their profile during a presentation on the group at the BlackHat conference on Thursday. He spoke hours after they raised their subscription service price. Suiche, founder of Comae Technologies, was (...)

20 Hot Sessions: Black Hat 2017

Bank Info Security
The Shadow Brokers - Cyber Fear Game-Changers (9:05 a.m.): "Who are The Shadow Brokers? I have no clue. Nobody really does," says security researcher Matt Suiche, managing director of Dubai-based incident response firm Comae Technologies. In this presentation, however, Suiche pro(...)

What To Watch At 'Hacker Summer Camp'

The Hill
Matt Suiche, founder of Comae Technologies and the foremost expert on the group who claims to have stolen the exploits used in WannaCry, will present on the so-called ShadowBrokers

Trump Hotels Again The Target Of Hackers Seeking Credit Card Data

NPR
Cybersecurity expert Matt Suiche told NPR that hotels are being targeted more frequently by criminals. For example, he pointed out, a hotel in Austria was recently the victim of a ransomware attack that temporarily prevented it from making new room keys in its electronic key syst(...)

The Petya Plague Exposes The Threat Of Evil Software Updates

WIRED
"Now I’m wondering if there are similar software companies that have been compromised that could be the source of similar attacks," says Matt Suiche, the founder of Dubai-based Comae Technologies, who has been analyzing the Petya strain since it first appeared. "The answer is, (...)

Hackers Linked To Notpetya Ransomware Decrypted A File For Us

Motherboard
Suiche told Motherboard that he thinks the hackers are just "trolling," trying to confuse researchers and journalists. Moreover, it's possible that some files could not be decrypted, and victims might not be able to provide hackers with a unique fingerprint that the ransomware cr(...)

Hackers Connected To Notpetya Ransomware Surface Online, Empty Bitcoin Wallet

Motherboard
Matt Suiche, a security researcher who has analyzed NotPetya, was skeptical about the alleged hackers' motives, saying they are just "trolling journalists." "This is a fear, uncertainty and doubt case," Suiche, who's the founder of Comae Technologies, told Motherboard in an online(...)

Kiev Detected Second Wave Of Expetr Cyber-Attacks Interior Minister

Sputnik
Matt Suiche, the founder of Comae Technologies cybersecurity firm, told Sputnik that ExPetr was not ransomware, but rather a wiper designated to damage infected computer systems.

The Day A Mysterious Cyber-Attack Crippled Ukriane

BBC
In a webinar, Juan Andres Guerrero-Saade, from Kaspersky’s global research & analysis team, and Matt Suiche, from Comae Technologies, said that they have labeled the attack as destruction instead of ransomware. "Normally that wouldn't be the consideration with something consid(...)

Russian Lawmaker Says Kiev'S Claim On Moscow Behind Cyber-Attacks 'Fantasy'

Sputnik International
However on Friday, Matt Suiche, the founder of Comae Technologies cybersecurity firm, told Sputnik that ExPetr was not ransomware, but rather a wiper designated to damage infected computer systems.

The Strange Failures Of The Petya Ransomware Attack

The Daily Dot
Given those facts, some experts believe that the real purpose of the attack was to destroy the files on targeted computers. Comae technologies explained how the malware was in fact a wiper—a virus that aims to destroy and damage—in the guise of ransomware. The virus is also b(...)

Experts: Global cyberattack looks more like 'sabotage' than ransomware

CNN
Matt Suiche, the founder of Comae Technologies, explained in an online post that it was designed to "destroy and damage." "Different intent. Different motive. Different narrative," he wrote. A number of global companies were hit by a massive IT system attack earlier in the week.

ExPetr Virus Likely Wiper, Not Ransomware - Comae Technologies

Sputnik News
ExPetr is not ransomware but rather a wiper designated to damage infected computer systems, Matt Suiche, the founder of Comae Technologies cybersecurity firm, told Sputnik on Friday. Suiche supposes that the aim of the attack was to disrupt the work of the companies and businesses targeted as the attacks "motives were apparently not to just temporarily limit the victims" access to information but rather to destroy and damage the systems.

Ukraine Cyberattack Wasn't Really About Ransom, Security Experts Say

NPR Berlin
Likewise, Matt Suiche, founder of cybersecurity firm Comae Technologies, writes on his website, "The goal of a wiper is to destroy and damage ... Different intent. Different motive. Different narrative." Suiche says the perpetrator wanted to disguise the intent of the attack. "We believe the ransomware was in fact a lure to control the media narrative," Suiche writes, "... to attract the attention on some mysterious hacker group rather than a national state attacker like we have seen in the past in cases that involved wipers such as Shamoon."

Notpetya Is, Er, Not Ransomware, Victims Unlikely To Get Files Back

The Inquirer
Likewise, Matt Suiche, founder of cloud security company Comae Technologies, agreed. "The ransomware was a lure for the media. This variant of Petya is a disguised wiper," he warned.

The Notpetya Ransomware May Not Actually Be Ransomware At All — It Could Be Something Worse

Mashable
Security researcher Matt Suiche lays out the bad news in a blog post for cybersecurity firm Comae Technologies. He notes that while an earlier version of Petya, from which NotPetya gets its name, technically allowed for the decryption of files, NotPetya doesn't. '2016 Petya modif(...)

The Great Destroyer Petya Was Unleashed To Cause Destruction Rather Than Earn Its Creators Money, Experts Claim

The Sun
"Ransomwares and hackers are becoming the scapegoats of nation state attackers. Petya is a wiper not a ransomware."

Expetr Called A Wiper Attack, Not Ransomware

ThreatPost
According to Comae Technologies researcher Matt Suiche, there is bug in the malware’s encryption code that prevents any decryption key from working. That is something independent of the fact the German email provider Posteo shut down the attacker’s email address preventing vi(...)

His ΓÇÿPetyaΓÇÖ Code Was Used In A Global Cyber Attack, Now He Wants To Help

The Daily Beast
"It’s someone who wants to shut down Ukraine and make it look like ransomware," said Matthieu Suiche, founder of of cyber-security provider Comae Technologies. "And like what happened back in December with the power grid, it’s a political motive."

Cyber-attack was about data and not money, say experts

BBC
Matt Suiche, from security firm Comae, described the variant as a "wiper" rather than straight-forward ransomware. "The goal of a wiper is to destroy and damage," he wrote, adding that the ransomware aspect of the program was a lure to generate media interest. Mr Suiche wrote: "2016 Petya modifies the disk in a way where it can actually revert its changes, whereas, 2017 Petya does permanent and irreversible damages to the disk."

Ukraine's ransomware attack was a ruse to hide culprit's identity, researchers say

Washington Post
Moreover, the email address to make a payment to retrieve data is no longer accessible, said Matt Suiche, a hacker and founder of Comae Technologies, a cybersecurity firm. He said in a blog post this week that the ransomware feint was probably a way to make people think "some mysterious hacker group" was behind the attack rather than a nation state. "The fact of pretending to be a ransomware while being in fact a nation-state attack . . . is in our opinion a very subtle way for the attacker to control the narrative of the attack," Suiche said.

Experts: Massive 'Petya' Attack Looks More Like State Cyber Warfare Than A Data Heist

Forbes
The Verge pointed to a blog post by Comae's Matthieu Suiche, who concluded, after breaking down Petya's inability to decrypt data, that an attempt to destabilize Ukraine on the digital front must have been the real aim of the attack. "Pretending to be a ransomware while being in fact a nation state attack [is] in our opinion a very subtle way from the attacker to control the narrative of the attack," Suiche wrote.

Overnight Cybersecurity: New Questions About 'Ransomware' Attack | Tensions Between Nsa Chief, Trump Over Russia | Senate Panel Asks States To Publicize Election Hacks

Forbes
We believe the ransomware was in fact a lure to control the media narrative, especially after the WannaCry incidents to attract the attention on some mysterious hacker group rather than a national state attacker like we have seen in the past in cases that involved wipers such as(...)

Petya virus is something worse than ransomware, new analysis shows

TheVerge
Matt Suiche, founder of the cybersecurity firm Comae, writes in a blog post today that after analyzing the virus, known as Petya, his team determined that it was a 'wiper,' not ransomware. "We can see the current version of Petya clearly got rewritten to be a wiper and not a actual ransomware," Suiche writes.

Why You Shouldn't Pay the Petya Ransomware

Fortune
Some security researchers have questioned whether this attack can even be properly categorized as ransomware. Matthieu Suiche, CEO and founder of the Dubai-based cybersecurity firm Comae, told Fortune that he believes it is more appropriately considered as 'wiper' malware, meaning malicious software that intends to destroy data rather than hold it hostage. Other experts have agreed with the essence of Suiche's analysis.

Global CyberAttack Demanding Ransom Had Nothing To Do With Money

Vice News
Comae Technologies, which looked closely at how the malware operated, suggests it was designed to look like ransomware, but was in fact a type of malware called a wiper, which destroys all records from the system. "We believe the ransomware was in fact a lure to control the media narrative, especially after the WannaCry incident, to attract the attention on some mysterious hacker group rather than a national state attacker," Matt Suiche, founder of Comae Technologies, wrote in a blog post on Wednesday.

Global ransomware attack was meant to be destructive, not collect money

Cyberscoop
An analysis of a unique variant of Petya ransomware conducted by Comae Technologies' Matthieu Suiche reveals that computer code in the June 27 version of the malware is different than previous samples which were tied to incidents involving monetary gain. The primary difference between past Petya variants and Tuesday's malware comes in the form of a small block of code that effectively commands the virus to "erase the Windows system's Master Boot Record (MBR) on default," said Suiche. "After comparing both implementations, we noticed that the current [implementation] that massively infected multiple entities in Ukraine was in fact a wiper, which just trashed the 25 first sector blocks of the disk," Suiche wrote in a blog post.

Companies, governments assess damage from latest malware

ABC News
Matthieu Suiche, the founder of Dubai-based Comae Technologies, said the ransom demand was merely 'a mega-diversion.' In a blog post, he wrote that the code pointed not to criminals, but 'in fact a nation state attack.'

Cyberattack Hits Ukraine Then Spreads Internationally

New York Times
The attack is 'an improved and more lethal version of WannaCry' said Matthieu Suiche, a security researcher who helped contain the spread of the WannaCry ransomware when he created a kill switch that stopped the attacks. In just the last seven days, Mr. Suiche noted, WannaCry had tried to hit an additional 80,000 organizations but was prevented from executing attack code because of the kill switch.

A Scary New Ransomware Outbreak Uses WannaCry's Old Tricks

WIRED
Matthieu Suiche, the founder of security firm Comae Technologies, wrote on Twitter. Microsoft had patched the EternalBlue vulnerability in March, prior to WannaCry's spread in May, which protected some systems from the infection. Based on the extent of damage Petya has caused so far, though, it appears that many companies have put off patching, despite the clear and potentially devastating threat of a similar ransomware spread. These systems apparently remain vulnerable even after Microsoft released multiple patches for legacy systems, like Windows XP, that the company no longer supports. And publicity about the attack led many system administrators to prioritize upgrading their systems for defense. But Petya's spread using EternalBlue shows how dire the patching landscape really is.

Police cancel fines from Bendigo cameras

WIRED
Security researcher Matthieu Suiche said the virus was designed to encrypt files on infected machines. He said it was very unlikely, given the damage to organisations such as Honda and Britain's National Health Service, the security cameras would have come through unscathed as claimed

French Officials Detail 'Fancy Bear' Hack of TV5Monde

BankInfoSecurity
French incident response expert Matt Suiche, managing director at Dubai-based Comae Technologies, says in an English-language overview of the French-language ANSSI presentation. "But this machine was not connected to the internal network, and was quickly classified as [a] dead-end by the attacker."

French team finds way to unlock computers infected with WannaCry virus as ransom deadline looms

Telegraph
Suiche, based in Dubai and one of the world's top independent security researchers, provided advice and testing to ensure the fix worked across all various versions of Windows. His blog post links to a Delpy's 'wanakiwi' decryption tool which is based on Guinet's original concept. His idea involves extracting the keys to WannaCry encryption codes using prime numbers rather than attempting to break the endless string of digits behind the malicious software's full encryption key."This is not a perfect solution," Suiche said. "But this is so far the only workable solution to help enterprises to recover their files if they have been infected and have no back-ups which allow users to restore data without paying black-mailers."

Wanawiki is the WannaCry fix that might save affected PCs—if you work fast

PCWorld
Matt Suiche, the founder of CloudVolumes and Comae, published a blog post that describes how Benjamin Delpy's wanawiki tool works: It sniffs out the prime numbers used by the ransomware to reconstruct the key used to encrypt your PC. Once the wanawiki tool is run, the software can basically generate the key, and the tool will then unlock the encypted files.

Available Tools Making Dent In WannaCry Encryption

ThreatPost
Suiche stresses that victims should not reboot their infected machines if they haven't already. Suiche, who did a breakdown of the crypto implementation of WannaCry during a webinar with Kaspersky Lab this week, said today that the killswitch domain he registered is still recording infection attempts, including a spike of almost 5,000 last night from Malaysia.

French researchers find way to unlock WannaCry without ransom

Reuters
Suiche published a blog with technical details summarizing what the group of passing online acquaintances (goo.gl/iIFDZs) has built and is racing to share with technical staff at organizations infected by WannaCry.

This Tool Could Save You From Paying WannaCry Ransomware Crooks

Forbes
"This tool isn't perfect, but if companies don't have back up this is their only hope," said Suiche.

A WannaCry Flaw Could Help Some Victims Get Files Back

Wired
Within 24 hours, another pair of French researchers, Benjamin Delpy and Matt Suiche, say they've now adapted the tool to work on Windows 7, too.

Cyber-Crime Defense Built in the U.A.E (Video)

Bloomberg
Comae Technologies Founder Matt Suiche discusses the global risks of malware attacks. He speaks on "Bloomberg Markets: Middle East." (Source: Bloomberg)

It almost makes you WannaCry: The search for the hackers who infected computers around the world

LA Times
"It's something we started to see more and often in the past few years," said Matt Suiche, founder of the Dubai-based Comae Technologies, who played a key role in unearthing a vital clue in the WannaCry mystery. "What we see is that security needs to be a joint effort. Open source collaboration and cooperation are very important to help us work together on these issues."

Shadow Brokers threaten to unleash more hacking tools

The Guardian
"ShadowBrokers are back" tweeted Matthieu Suiche, a French hacker and founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Brokers' releases and believes the group has access to NSA files. Another member of the cybersecurity community tweeted:

Wanna Decryptor ransomware appears to be spawning and this time it may not have a kill switch

WIRED
Separately, security researcher Matthieu SuicheΓÇÅ has registered a second kill switch found in one version of the malware and says that stopped around 10,000 machines from being infected.

North Korean hackers might be behind the global WannaCry ransomware attack

Business Insider
Another researcher, Comae Technologies' Matthieu Suiche, corroborated the findings. That suggests Lazarus borrowed code for WannaCry from its own, existing tools.

Snippet of WannaCry Ransomware Linked to Suspected North Korean Malware

Motherboard
Matthieu Suiche, founder of cybersecurity company Comae Technologies, also highlighted apparent similarities.

WannaCry ransomware shares code with North Korea-linked malware - researchers

RT
"WannaCry and this [program] attributed to Lazarus are sharing code that's unique. This group might be behind WannaCry also," Suiche said, as cited by Wired.

Group linked to NSA spy leaks threatens sale of new tech secrets

Daily Mail
"ShadowBrokers are back" tweeted Matthieu Suiche, a French hacker and founder of the United Arab Emirates-based cyber security firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files

Cyber-Security Experts Fear the Progression Of 'WannaCry' Ransomware

Huffpost UK
"We are in the second wave," said Matthieu Suiche of Comae Technologies. "As expected, the attackers have released new variants of the malware. We can surely expect more."

Group linked to NSA spy leaks threatens sale of new tech secrets

Reuters
"ShadowBrokers are back" tweeted Matthieu Suiche, a French hacker and founder of the United Arab Emirates-based cyber security firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.

Security officials say worst effect of global cyber attack subsiding, but remain on edge about new attacks

LA Times
Matt Suiche, chief executive officer and co-founder of a security startup based in Dubai, also registered a site to blunt the second attack.

New Wave of Ransom Threats Seen in Unprecedented Attack

Washington Post
Matt Suiche, founder of United Arab Emirates-based cyber security firm Comae Technologies, said he's seen a variant on the original malware that still contains a kill-switch mechanism -- though future versions could find a way to overcome it. "We are lucky that this logic bug is still present," Suiche said

"I Don't Want Fame": The Depressing Weekend Of The Guy Who Killed That WannaCry Ransomware

Forbes
Matthieu Suiche, founder of security firm Comae Technologies, has been doing similar work in registering domains used by new variants and shutting them down. "I don't care about that... if he's Madonna or not," Suiche said. "Tell them to harass me, I want more followers than The Grugq [a well-known security expert with a large Twitter following]."

New Variant Of "WannaCry" Virus Emerges Infecting 3,600 Computers Per Hour

ZeroHedge
As Bloomberg reports that Matt Suiche, founder of United Arab Emirates-based cyber security firm Comae Technologies warns a new version of the ransomware may have also been spreading over the weekend.

WannaCry ransomware has links to North Korea, cybersecurity experts say

ZeroHedge
and echoed by other researchers including Matthieu Suiche from UAE-based Comae Technologies.

The WannaCry Ransomware Has a Link to Suspected North Korean Hackers

Wired
But Suiche sees the Contopee link as a strong clue about WannaCry's origins. The Dubai-based researcher has closely followed the WannaCry malware epidemic since Friday, and over the weekend he identified a new "kill switch" in an adapted version of the code, a web domain the WannaCry ransomware checks to determine whether it will encrypt a victim's machine. Just before Mehta's finding, he identified a new URL "this time, one that begins with the characters "ayylmao. "That LMAO string, in Suiche's view, is no coincidence. "This one looks like an actual provocation to the law-enforcement and security community," Suiche says. "I believe that's North Korea actually trolling everyone now."

North Korean Hackers from Lazarus May Be Behind WannaCry Ransomware Attack

Softpedia
Other security researchers other than the Mehta have noticed the same similarity, such as Comae Technologies' Matthieu Suiche, who also discovered and killed a new variant by activating the kill switch.

Who's Behind The Ransomware Pandemic? One Small Clue Points To North Korea

Forbes
Darien Huss and founder of Comae Technologies Matthieu Suiche. All have been actively investigating and defending the web against WannaCry and were intrigued at the possible link to North Korea.

Researchers Identify Clue Connecting Ransomware Assault to Group Tied to North Korea

Wall St Journal
Representatives from three major cybersecurity firms: Symantec Corp. SYMC 3.19% , Kaspersky Lab ZAO and Comae Technologies later on Monday said they found the same the link.

Cyber-attack aftershock feared; US warns of complexity

Business Mirror
Suiche of Comae Technologies said he had done the same for one of the new variants of malware to surface since the initial wave.

Researchers: WannaCry ransomware shares code with North Korean malware

Cyberscoop
"From a technical point of view those two functions and their references are identical," said Matt Suiche, founder of United Arab Emirates-based cybersecurity firm Comae Technologies.

Ransomware hack linked to North Korea, researchers say

US Today
Security researcher Matthieu Suiche, of Comae Technologies in the United Arab Emirates, said the hackers may be sending a message in some of the code that's showing up, suggesting their purpose is to stir political mayhem.

Was North Korea Behind Last Week's Global Cyberattack?

The Atlantic
Matt Suiche, a Dubai-based security researcher, told Wired it "would be a lot of trouble" for hackers "to write ransomware, target everyone in the world, and then make a fake attribution to North Korea."

Cyberattack Is Blunted as Governments, Companies Gain Upper Hand

Bloomberg
Matt Suiche, founder of United Arab Emirates-based cyber security firm Comae Technologies, said around 10,000 machines have been infected by the second variation of the malware.

Ransomware's Aftershocks Feared as U.S. Warns of Complexity

The New York Times
Copycat variants of the malicious software behind the attacks have begun to proliferate, according to experts who were on guard for new attacks. "We are in the second wave," said Matthieu Suiche of Comae Technologies, a cybersecurity company based in the United Arab Emirates. "As expected, the attackers have released new variants of the malware. We can surely expect more."

US Government Fears a Monday Explosion of the Ransomware Plague It Helped Create

Gizmodo
"We are in the second wave," Matthieu Suiche of Comae Technologies, tells the New York Times. "As expected, the attackers have released new variants of the malware. We can surely expect more."

Companies, governments brace for a second round of cyberattacks in WannaCry's wake

TechCrunch
Writing on his blog, Matt Suiche, the founder of Comae Technologies, elaborated on some of the new variants of the ransomware that cybersecurity specialists are finding in the wild.

New WannaCry ransomware variants: Patch old PCs now to avoid becoming a victim

TechCrunch
Fortunately, security researchers @benkow_ spotted the domain and Matthieu Suiche registered the kill switch Sunday. Suiche added:I highly suspect there are multiple variants in the wild with multiple kill switches! #WannaCry Good news is: there are still kill switches!MalwareTech confirmed the "new kill switch" had been transferred to his sinkhole. On Sunday, Suiche warned, "Until people update and upgrade their operating systems, they are still at threat. The fact I registered the new kill-switch is only a temporarily relief which does not resolve the real issue, which is that people are running out-of-support Operating Systems."

Researcher 'accidentally' stops spread of 'unprecedented' global cyberattack

ABCNEws
"Currently the spreading of the ransomware is slowed down dramatically because a researcher found a logic bug in the malware, not because the companies around the world are having good security practice," Matt Suiche, founder of Comae Technologies, a cybersecurity company in the United Arab Emirates, told ABC News on Saturday. Suiche said the cyberattackers could soon release a new update to the malware, making it more robust and resuming the global infection. "I'd even say this update probably already happened," he added.

WannaCry Kill-Switch(ed)? It's Not Over! WannaCry 2.0 Ransomware Arrives

The Hacker News
Updated: However, Suiche also confirmed that the modified variant with no kill switch is corrupted, but this doesn't mean that other hackers and criminals would not come up with a working one.

UAE on high alert over WannaCry attack

The National UAE
Mr Suiche told The National that "mature" organisations running old operating systems that weren't regularly patched were especially vulnerable

What We Know and Don't Know About the International Cyberattack

New York Times
"The kill switch is why the U.S. hasn't been touched so far," said Matthieu Suiche, founder of Comae Technologies, a cybersecurity company in the United Arab Emirates. "But it's only temporary. All the attackers would have to do is create a variant of the hack with a different domain name."

Hacking Attack Has Security Experts Scrambling to Contain Fallout

New York Times
"The kill switch is why the U.S. hasn't been touched so far," said Matthieu Suiche, founder of Comae Technologies, a cybersecurity company in the United Arab Emirates. "But it's only temporary. All the attackers would have to do is create a variant of the hack with a different domain name. I would expect them to do that."

Oracle databases at risk because of a leaked NSA hacking tool, researcher says

Cyberscoop
A complex and powerful implant codenamed PASSFREELY that is mentioned in the trove of documents allows for an attacker to bypass the authentication process behind Oracle servers, security researcher Matt Suiche told CyberScoop.

Snowden 2.0: "The Shadow Brokers" Stalk the NSA

NationalJournal
The Shadow Brokers also released step-by-step evidence outlining the NSA's penetration of secure financial transactions between Middle Eastern banks. Matt Suiche, the founder of cybersecurity firm Comae Technologies, said it's one the clearest pictures ever of both the United States's cyber-capabilities and the global financial system's vulnerabilities.

Hackers Reveal Apparent NSA

Bank InfoSecurity
Of course, the number of attempts to target organizations involved in SWIFT may be much larger. As Suiche asks in a blog post: "How many of those service bureaus may have been or are currently compromised?"

Shadowbrokers' Windows Zero-Days Already Patched

ThreatPost
Suiche explained these bank transactions are handled on an Oracle database running SWIFT software. The archive includes tools used by the NSA to take data from the Oracle installation, including a list of users and SWIFT message queries, Suiche said.

Microsoft confirms it's patched most of the NSA's Windows exploits

Computerworld
Some of the exploits allegedly used by the NSA relied on vulnerabilities in older and not-supported SKUs (stock-selling units) of Windows Server, according to Matt Suiche, founder of the security firm Comae Technologies, who named Windows 2003 specifically.

Shadow Brokers leak more NSA exploits

ITNews
Due to the detailed description of service bureau infrastructure in the Shadow Brokers documents, Suiche believes the leak could be harmful to the SWIFT network.

Documents Show NSA Hacked SWIFT Service Provider

Silicon
The documents appear to indicate NSA efforts to directly monitor SWIFT providers' activities in order to detect funds transfers by militant or criminal groups, according to security researcher Matt Suiche.

Hackers reveal documents showing what tools the NSA could use to gain access to the global system used to transfer money between banks

DailyMail
Matt Suiche, founder of cybersecurity firm Comae Technologies, wrote in a blog post that screen shots indicated some SWIFT affiliates were using Windows servers that were vulnerable at the time, in 2013, to the Microsoft exploits published by the Shadow Brokers.

New leak suggests NSA penetrated banking networks in Middle East

CBSNews
"This is by far the most brutal dump," said Comae Technologies founder Matt Suiche, who has closely followed the group's disclosures and initially helped confirm its connection to the NSA last year.

Hacker documents show NSA tools for breaching global money transfer system

Reuters
Matt Suiche, founder of cybersecurity firm Comae Technologies, wrote in a blog post that screen shots indicated some SWIFT affiliates were using Windows servers that were vulnerable at the time, in 2013, to the Microsoft exploits published by the Shadow Brokers. He said he concluded that the NSA took advantage and got in that way.

US government 'monitored bank transfers'

BBC
"If you hack the service bureau, it means that you also have access to all of their clients, all of the banks," said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, speaking to Reuters.

Wrecking the internet': hackers may have just revealed huge flaw in global commodity market

The Sydney Morning Herald
"If you hack the service bureau, it means that you also have access to all of their clients, all of the banks," said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.

Hackers reveal documents showing NSA breached SWIFT money transferring system

IBTimes
"As soon as they bypass the firewalls, they target the machines using Microsoft exploits," Suiche told Reuters. "We now have all of the tools the NSA used to compromise SWIFT (via) Cisco firewalls, Windows," he added

Hacker documents show NSA tools for breaching global money transfer system

Reuters
Matt Suiche, founder of cybersecurity firm Comae Technologies, wrote in a blog post that screen shots indicated some SWIFT affiliates were using Windows servers that were vulnerable at the time, in 2013, to the Microsoft exploits published by the Shadow Brokers. He said he concluded that the NSA took advantage and got in that way.

New NSA leak may expose its bank spying, Windows exploits

Techworld
If the files are real, the exposed information represents a threat to the SWIFT network, said Matt Suiche, founder of security firm Comae Technologies, who has been looking over the leaked files.

Microsoft: NSA leak vulnerabilities already patched in modern products

WashingtonExaminer
Snowden mentioned that Microsoft "needs to take real action" in response to the leak, to which computer security researcher Matt Suiche, founder of UAE-based Comae Technologies, suggested that Microsoft may have been tipped off by "someone."

New Leak from Shadow Brokers Show NSA targeted Windows and Banks

HackRead
Founder of Comae technologies, Mr. Matt Suiche, told media: "If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,"

Shadow Brokers Leak Reveals The NSA's Deep Access Into SWIFT Banking Network

Forbes
Matt Suiche, founder of the cybersecurity firm Comae Technologies, notes that one particular SWIFT bureau was targeted

Older Windows Systems Targeted by Newly Released Hack Tools

RedmondMag
The swift folder contains PowerPoint slides suggesting that the Middle East network used by the Society for Worldwide Interbank Financial Telecommunication (SWIFT) for financial transactions was targeted by the NSA, according to a blog post by Microsoft Most Valuable Professional Matt Suiche.

Hackers expose NSA financial spying arsenal, global banking system potentially at risk

RussiaToday
IP addresses listed alongside the institutions do not correspond to machines at the institutions, according to security researcher Matt Suiche.

Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks

Cyberscoop
"It shows that they have a lot more than what we originally thought," said security researcher Matt Suiche, "the Shadow Brokers previously claimed this all came from a compromised NSA attack/staging server … you wouldn't host presentation slid"

ShadowBrokers Expose NSA Access To SWIFT Service Bureaus

ThreatPost
"In this case, if Shadow Brokers claims are indeed verified, it seems that the NSA sought to totally capture the backbone of international financial system to have a God's eye into a SWIFT Service Bureau ' and potentially the entire SWIFT network," said researcher Matt Suiche in a blog posted today explaining his analysis of the data dump.

Shadow Brokers release SWIFT banking and Windows exploits

Techtarget
Matt Suiche, Microsoft MVP and founder of Comae Technologies, based in the United Arab Emirates, wrote on Medium this release details evidence "of the largest infection of a SWIFT Service Bureau to date."

Major Leak Suggests NSA was deep in Middle East Banking System

WIRED
"This is the equivalent of hacking all the banks in the region without having to hack them individually," says Suiche, founder of UAE-based incident response and forensics startup Comae Technologies. "You have access to all their transactions."

The latest NSA dump from the Shadow Brokers tells you how to break into banks

BoingBoing
"This would make a lot of sense that the NSA compromise this specific SWIFT Service Bureau for Anti-money laundering (AML) reasons in order to retrieve ties with terrorists groups," Suiche wrote.

Edward Snowden: Latest NSA leak is 'not a drill'

WashingtonExaminer
Computer security researcher Matt Suiche, founder of UAE-based Comae Technologies, who helped confirm that prior NSA leaks from the Shadow Brokers are real, has been updating a blog post on Friday's document dump. "This is by far, the most interesting release from Shadow Brokers as it does not only contain tools," he wrote.

New leak suggests NSA penetrated banking networks in Middle East

BelfastTelegraph
Comae Technologies founder Matt Suiche, who has closely followed the disclosures, said the latest release was unusual because it explicitly identified alleged NSA targets.

Shadow Brokers leak trove of NSA hacking tools

FCW
That may be true as far as Microsoft products still under support, noted hacker Matt Suiche noted in a blog post. But some of the exploits target Windows XP, which has been out of support since 2014, and Windows Vista, which went out of support on April 11.

Shadow Brokers release also suggests NSA spied on bank transactions

Engadget
Reuters reports that SWIFT also claims there's no evidence its network has been accessed. Meanwhile, Matt Suiche looked through the documents and writes about what they show,

NSA May Have Hacked Global Banks, Shadow Brokers Release Indicates

IBTimes
"This is the equivalent of hacking all the banks in the region without having to hack them individually, Matt Suiche, founder of UAE-based incident response and forensics startup Comae Technologies, told Wired. "You have access to all their transactions."

New NSA leak may expose its bank spying, Windows exploits

ITWorld
If the files are real, the exposed information represents a threat to the SWIFT network, said Matt Suiche, founder of security firm Comae Technologies, who has been looking over the leaked files.

Did the NSA spy on Middle East banks using the SWIFT network?

HousingWire
"This is the equivalent of hacking all the banks in the region without having to hack them individually," says Suiche, founder of UAE-based incident response and forensics startup Comae Technologies.

Hackers release files indicating NSA monitored global bank transfers

Reuters
"If you hack the service bureau, it means that you also have access to all of their clients, all of the banks," said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.

New leak suggests NSA penetrated Mideast banking networks

APNews
"This is by far the most brutal dump," said Comae Technologies founder Matt Suiche, who has closely followed the group's disclosures and initially helped confirm its connection to the NSA last year.

Shadow Brokers release SWIFT banking and Windows exploits

TechTarget
Matt Suiche, Microsoft MVP and founder of Comae Technologies, based in the United Arab Emirates, wrote on Medium this release details evidence "of the largest infection of a SWIFT Service Bureau to date."

Hacker Group Says U.S. Tried to Breach Money-Transfer System

WallStJournal
Matt Suiche, founder of Comae Technologies FZE, a company that investigates computer intrusions, said the documents include Excel files supposedly containing employee login credentials as well as information allegedly about customers, and that the Windows attack tools appear to work as indicated.

NSA-leaking Shadow Brokers just dumped its most damaging release yet

ArsTechnica
Friday's dump also contains code for hacking into banks, particularly those in the Middle East. According to this analysis by Matt Suiche, a researcher and founder of Comae Technologies, Jeepflea_Market is the code name for a 2013 missio

Mysteriöse Gruppe offenbart mutmaßliche Hacking-Angriffe der NSA

SuedDeutsche
Außerdem wussten die Hacker anscheinend Bescheid, wie die interne Infrastruktur dieses Anbieters beschaffen war, wie der IT-Sicherheitsforscher Matt Suiche in einem Blogpost schreibt. Über eigens geschriebene Programme konnten die Hacker gezielt nach Swift-Zahlungen suchen. Alles in allem hätten die Angreifer "volle Kontrolle", oder, wie Suiche auf Nachfrage sagt: God's eye; das Auge Gottes, das alles sieht.

Latest Hacking Tools Leak Indicates NSA Was Targeting SWIFT Banking Network

HackerNews
"A SWIFT Service Bureau is the kind of the equivalent of the Cloud for Banks when it comes to their SWIFT transactions and messages; the banks' transactions are hosted and managed by the SWIFT Service Bureau via an Oracle Database and the SWIFT Softwares," security researcher Matt Suiche explains in a blog post.

NSA may have hacked banking transactions network

TheHill
"This is by far, the most interesting release from Shadow Brokers as it does not only contains tools," researcher Matt Suiche, founder of UAE-based cyber security firm Comae and the Dubai cybersecurity conference OPCDE, wrote in a Medium post.

Hacked Twitter Accounts Post Swastikas, Pro-Erdogan Content

Bloomberg
"Attackers always look for the weakest link of the chain," said Matt Suiche, founder of United Arab Emirates-based cyber-security startup Comae Technologies. "Third party platforms are perfect targets. It makes lots of sense."

CIA's apparent hacking techniques revealed in data breach

Los Angeles Times
The data confirm the CIA maintains “an extensive database of cyberweapons,” said Matt Suiche, a well-known hacker who founded cybersecurity start-up Comae Technologies. “It also shows they are buying from third parties, and that they are closely following every advancement” in cybersecurity.

How the CIA Can Hack Your Phone, PC, and TV (Says WikiLeaks)

WIRED
A tool called TinyShell appears to allow the CIA hackers full remote control of an infected television, including the ability to run code and offload files, says Matt Suiche, a security researcher and founder of the UAE-based security firm Comae Technologies. "I would assume that, by now, they would definitely have exploits for Samsung TVs," Suiche says. "This shows that they’re interested. If you’re doing the research, you’re going to find vulnerabilities." Samsung did not respond to WIRED’s request for comment.

Fancy Bear: Leaked Google report shows how much the tech giant knows about Russian hackers

International Business Times
"It looks like Google researchers were well aware of Sofacy before it was publicly disclosed," Matt Suiche, security researcher and the founder of Comae Technologies told Motherboard, after reviewing the report. "And also attributed Sofacy and X-Agent to Russia before it was publicly done by FireEye, ESET or CrowdStrike."

Google следит за деятельностью «русских» хакеров

SecurityLab
«По всей видимости, исследователям Google было хорошо известно о Sofacy до того, как информация стала публичной, - отметил специалист Comae Technologies Мэтт Суиче (Matt Suiche) в интервью Motherboard. - Они также приписали Sofacy и X-Agent России до того, как это сделали FireEye, ESET или CrowdStrike».

A Glimpse Into How Much Google Knows About Russian Government Hackers

VICE's Motherboard
"It looks like Google researchers were well aware of Sofacy before it was publicly disclosed," Matt Suiche, a security researcher and the founder of Comae Technologies and the OPCDE conference, told Motherboard in an online chat after reviewing the report.

Shadow Brokers leak NSA-linked Microsoft hacking tools

Cyberscoop
"This dump contains Windows Implants and not Unix tools, reinforcing the insider theory. And the outdated Windows target of those implants reinforce the opinion that Shadow Brokers only has old dirt," said Matt Suiche, founder of United Arab Emirates-based cybersecurity startup Comae Technologies. "There is no reason to have all the tools of every platforms etc. on a staged server."

Dubai Has $300 Million To Entice The World's Best Startups To Its Accelerator

Forbes
Comae Technologies, which wants to use artificial intelligence to solve crimes. After team members worked in Dubai, 14 of the startups are relocated to the city, according to the Foundation.

Shadow Brokers Dump List of Servers Hacked by the NSA’s Equation Group

HackRead
A UAE-based security startup Comae’s researcher Matt Suiche discovered while inspecting the links that around 331 IP addresses were compromised through the spy tools pair known as Intonation and PitchImpair. According to Suiche, currently there is not a great deal of information available but most of the folders contain some configuration variables and metadata but there isn’t any "source code this time."

Five of the 30 Teams Taking Part in the Inaugural Program of the Dubai Future Accelerators

Dubai Media Office
One example of the successful entries is Comae Technologies, a UAE-based Cyber Security start up specialized on memory forensics for both digital forensics and incident response to cyber incidents purposes. According to US tech giant and cybersecurity specialists Symantec, the number of zero-day vulnerabilities (a hole in software that is unknown to the vendor) discovered in 2015 more than doubled to 54 – a 125 percent increase from 2014. This makes start-ups such as Comae not only relevant but necessary for cities and governments in the 21st century.

The NSA Leak Is Real, Snowden Documents Confirm

The Intercept
After viewing the code, Green told The Intercept the MSGID string’s occurrence in both an NSA training document and this week’s leak is “unlikely to be a coincidence.” Computer security researcher Matt Suiche, founder of UAE-based cybersecurity startup Comae Technologies, who has been particularly vocal in his analysis of the ShadowBrokers this week, told The Intercept “there is no way” the MSGID string’s appearance in both places is a coincidence.

Privacy hawks pounce on NSA hack

Politico
“An insider could have stolen them directly from the NSA, in a similar fashion to how [Snowden] stole an untold number of the spy agency’s top secret documents. And this theory is being pushed by someone who claims to be, himself, a former NSA insider.” Security researcher and hacker Matt Suiche also explored the same theory with another anonymous ex-NSA analyst.

Experts have 2 theories for how top-secret NSA data was stolen, and they’re equally disturbing

BusinessInsider
His remarks about looking at the files are interesting, especially in light of a post on Medium by Matt Suiche, the founder of Comae Technologies. He claimed that he was contacted by a former NSA analyst who offered a somewhat-redacted image of an award citation received while working inside the agency for the US Army to prove his bona fides.

Leak in-house? NSA data dump could be work of insider

RussiaToday
However, Matt Suiche, the CEO of a Dubai-based cybersecurity company, wrote that the problem with this theory is that the NSA exposed the hacking tools on a server. “Making a mistake is not impossible,” for the Tailored Access Operation (TAO) – the NSA’s hacking team, Suiche noted.

أخطر أدوات التجسس للبيع: كيف تم اختراق وكالة الأمن القومي الأمريكية؟

Mubasher24
هذا وقد أكد العديد من الخبراء في مجال الأمن المعلوماتي وعلى رأسهم مؤسس شركة “Comae Technologies” لحماية الإنترنت مات سويتش أن رمز الحاسوب المسرب يشير أنه من أدوات “NSA“.

Evidence mounts that NSA computer code was stolen

McClatchyDC
“The (Tailored Access Operations) Team had severe concerns about how easy it was to just walk out with the data on a USB drive,” Matt Suiche, a French hacker, wrote Wednesday in a blog posting.

'Auction' of NSA tools sends security companies scrambling.

Reuters
Comae Technologies founder Matt Suiche said the theory of a disgruntled insider couldn't be ruled out. In a blog post , Suiche said he'd been contacted by a former NSA analyst who pointed out that the tools leaked online normally resided on a segregated network and that the way they were named suggests the data was copied direct from the source. Suiche cautioned it was just a theory.

'Shadow Brokers' Claim To Have Hacked The NSA's Hackers.

NPR
Matt Suiche, a security researcher who analyzed the code that has been publicly released by the Shadow Brokers, tells NPR's Aarti Shahani that it does appear to be a compilation of tools used by the NSA.

The Current Highest Bid for Alleged NSA Data is 999,998.371 Bitcoin Short

VICE
Matt Suiche, the CEO of UAE-based cybersecurity company Comae, who's been following the leak since the beginning, is skeptical.

Hacking group auctions 'cyber weapons' stolen from NSA

Guardian
“Given the timeframe (Post-DNC hack), this could possibly be orchestrated by the Russian government so America will be stuck with Donald Trump as a President,” said Matt Suiche in a Medium post.

Snowden: Exposure of alleged NSA tools may be warning to US

AssociatedPress
Matt Suiche, the founder of United Arab Emirates-based cybersecurity startup Comae Technologies, said he and others looking through the data were convinced it came from the NSA. "There's zero debate so far," he said in a telephone interview.

Hackers Have Allegedly Stolen NSA-Linked ‘Cyber Weapons’ and Are Auctioning Them Off

Fortune
Although the alleged breach could just be an extravagant hoax, experts who reviewed a preliminary data dump teased alongside the hackers' garbled sales pitch said that the files, amazingly, looked authentic. "This appears to be legitimate code," Matt Suiche, a French cybersecurity entrepreneur, wrote in a Medium blog post, echoing what others had posted on Twitter (TWTR).

Email Provider Linked to Alleged NSA Dumps: We Can't Help

VICE
One of those researchers was Matt Suiche, the CEO of UAE-based cybersecurity company Comae. In his analysis, he used the Github API to find an email address linked to one of the accounts that published the data. If law enforcement were to dig into this case, then that email account is likely of interest to investigators: perhaps they could find out more about the user's identity, or their location.

Hacking group offers ‘stolen NSA cyber-weapons’ in bitcoin auction

Russia Today
"The data appears to be relatively old; some of the programs have already been known for years," and are unlikely "to cause any significant operational damage," researcher Claudio Guarnieri told Reuters. Meanwhile, Matt Suiche, founder of UAE-based security startup Comae Technologies, concluded the tools looked like they "could be used."

Hackers claim to have breached NSA's elite cyber-spy team, auction stolen cyberweapons

International Business Times
"The code in the dump seems legitimate, especially the Cisco exploits ... and those exploits were not public before," Matt Suiche, founder of UAE-based cybersecurity start-up Comae Technologies, told Forbes. "The content seems legit." Suiche, who detailed the products affected in a post on Medium, also said that the connection to the Equation Group, however, could have been faked.

Hackers claim to auction data they stole from NSA-linked spies

WIRED
Among the sample files released by the group are exploits that target equipment sold by companies including Cisco, Juniper, Fortigate and Topsec, a Chinese network security firm, according to Matt Suiche, founder of UAE-based incident response and forensics startup Comae Technologies.

Hackers claim to auction NSA source code

The Hill
“The code in the dump seems legitimate, especially the Cisco exploits (Most of the dump contains Firewall exploits), and those exploits were not public before,” said Matt Suiche, via electronic chat. Suiche is the founder of United Arab Emirates-based cybersecurity start-up Comae Technologies and has been actively analyzing the source code portions released as proof.

NSA hacked? Top cyber weapons allegedly go up for auction

CIO/IDG
The exploits specifically target firewall technology from Cisco, Juniper, Fortinet, and Chinese provider Topsec, said Matt Suiche, CEO of cyber security startup Comae Technologies, in a blog post.

NSA’s Hacking Group Hacked. Private Tools Leaked

HackerNews
"I haven't tested the exploits, but they definitely look like legitimate exploits," Matt Suiche, founder of UAE-based cyber security firm Comae Technologies, told the Daily Dot.

Hacking group claims to offer cyber-weapons in online auction

Reuters
Still, they appeared to be genuine tools that might work if flaws have not been addressed. After examining the code released Monday, Matt Suiche, founder of UAE-based security startup Comae Technologies, concluded they looked like "could be used."

NSA hacked? Top cyber weapons allegedly go up for auction

ComputerWorld
The exploits specifically target firewall technology from Cisco, Juniper, Fortinet and Chinese provider Topsec, said Matt Suiche, CEO of cybersecurity startup Comae Technologies, in a blog post.

'Shadow Brokers' claim to have hacked an NSA-linked elite computer security unit

Business Insider
Matt Suiche, CEO of cybersecurity startup Comae Technologies, has also been looking through the sample files since their publication. "I haven't tested the exploits but they def look like legitimate exploits, using third party libraries like scapy etc - at least for the Cisco ASA we can also see several shellcodes," he said.

Hackers claim to be selling NSA cyberweapons in online auction

DailyDot
"I haven't tested the exploits, but they definitely look like legitimate exploits," Matt Suiche, founder of UAE-based cybersecurity startup Comae Technologies, told the Daily Dot.

Group claims to hack NSA-tied hackers, posts exploits as proof

Arstechnica
Samples of the stolen files are dated most recently to 2013 and contain implants, exploits, and other tools for controlling routers and firewalls, including those from Cisco Systems, Juniper, Fortigate, and China-based Topsec, according to this analysis from Matt Suiche, cofounder and CEO of security firm Comae Technologies.

NSA Hacked? 'Shadow Brokers' Crew Claims Compromise Of Surveillance Op

Forbes
"The code in the dump seems legitimate, especially the Cisco exploits ... and those exploits were not public before," said Matt Suiche, founder of UAE based cybersecurity start-up Comae Technologies. "The content seems legit."

Group Claims to Have U.S. Government Hacking Tools for Sale

Wall St Journal
“The more we look at it…it looks more and more like a tool kit from the NSA,” said Matt Suiche, the founder of Comae Technologies FZE, a computer-security startup based in the United Arab Emirates.

Hacker claims to be selling stolen NSA spy tools

CNN
"It definitely looks like a toolkit used by the NSA," said Matt Suiche, a French computer researcher who has been reviewing the leaked code.