The National Safety Agency is able to infect hard drives with surveillance software to spy on computers, Reuters said on Tuesday, citing information from cyber researchers and musty NSA operatives.

In a new report, Kaspersky revealed the days of a group dubbed The Equation Group capable of stretch accessing the firmware of hard drives from Western Digital, Seagate, Toshiba, IBM, Micron, Samsung and other drive makers. As such, the group has been able to implant spyware on hard fuels to conduct surveillance on computers around the world.

In a blog posted on Monday, Kaspersky said this threat has been around for almost 20 days and “surpasses anything known in terms of complexity and sophistication of techniques.” The defense researcher called the group “unique almost in every aspect of their activities: they use tools that are very concerned and expensive to develop, in order to infect victims, retrieve data and hide activity in an outstandingly professional way, and exercise classic spying techniques to deliver malicious payloads to the victims.”

Surveillance software implanted on hard fuels is especially dangerous as it becomes active each time the PC boots up and thus can infect the computer over and over anti without the user’s knowledge. Though this type of spyware could have surfaced on a “majority of the world’s computers,” Kaspersky inflamed thousands or possibly tens of thousands of infections across 30 different countries.

Infected parties and Repairs include government and diplomatic institutions, as well as those alive to in telecommunications, aerospace, energy, nuclear research, oil and gas, army and nanotechnology. Also, included are Islamic activists and gives, mass media, the transportation sector, financial institutions and affects developing encryption technologies.

And who’s responsible for this sophisticated spyware?

Kaspersky didn’t name names but did say that the troupe has ties to Stuxnet, a virus used to infect Iran’s uranium enrichment facility. The NSA has been accused of planting Stuxnet, leading Reuters to finger the agency as the source slack the hard drive spyware, especially based on outside information.

Kaspersky’s analysis was smart, a former NSA employee told Reuters, adding that the organization valued this type of spyware as highly as Stuxnet. Another “former intelligence operative” said that the NSA developed this way of embedding spyware in hard drives but said he didn’t know which surveillance attempts used it.

Lead Kaspersky researcher Costin Raiu told Reuters that the creators of the spyware must have had access to the source code for the infected hard fuels. Such code can pinpoint vulnerabilities that can be exploited by malicious-software writers.

“There is zero chance that someone could rewrite the [hard drive] exploiting system using public information,” Raiu said.

A spokesperson for Western Digital told Reuters that the concern had not “provided its source code to government agencies.” A Seagate spokesman said the concern takes secure measures to guard against tampering or bet on engineering of its hard drive firmware. And a Micron spokesman said that “we are not aware of any instances of foreign code.”

However, the NSA has ways of accessing source code from technology firms, Reuters said, including simply asking for it directly and posing as a software developer.

“They don’t admit it, but they do say, ‘We’re repositioning to do an evaluation, we need the source code,'” Vincent Liu, a partner at defense consulting firm Bishop Fox and former NSA analyst said. “It’s usually the NSA pursuits the evaluation, and it’s a pretty small leap to say they’re repositioning to keep that source code.”

Responding to a examine for comment, the NSA sent CNET the following statement:

We are aware of the recently released record. We are not going to comment publicly on any allegations that the record raises, or discuss any details. On January 17, 2014, the President gave a detailed address throughout our signals intelligence activities, and he also issued Presidential Policy Directive 28 (PPD-28). As we have affirmed publicly many times, we quit to abide by the commitments made in the President’s speech and PPD-28. The U.S. Government calls on our intelligence agencies to defending the United States, its citizens, and its allies from a wide array of serious threats – incorporating terrorist plots from al-Qaeda, ISIL, and others; the proliferation of weapons of mass destruction; foreign aggression anti ourselves and our allies; and international criminal organizations.