Monday, October 10, 2011

German hackers find government sponsored malware - R2D2

A group of German hackers say they have discovered trojan software developed by their government that can be used to spy on computer users without their knowledge.

The Chaos Computer Club (CCC) gained access to a copy of the "Bundestrojaner" (State Trojan) and found the program could be used to activate a computer's microphone or camera as well as log a user's online activity.

Since 2008 German police forces have been legally allowed to to install wiretapping software on a suspect's computer in order to monitor voice-over-IP communications through services such as Skype, but they are forbidden from accessing or installing other programs. The CCC analysis suggests the police software is capable of much more than is legally allowed.

"Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully. In this case functions clearly intended for breaking the law were implemented in this malware: they were meant for uploading and executing arbitrary code on the targeted system," say the CCC.

Security firm Sophos has confirmed that the trojan is able to eavesdrop on instant messaging software, log internet browser keystrokes and take screenshots of what appears on user's screens, while also attempting to communicate with a remote website.

Sophos consultant Graham Cluley also says there is no way to confirm the software was written by the German state.

Regardless of who wrote the software, it seems installing it on someone's computer leaves them wide open to any attacker.

The trojan's commands are unencrypted, making it possible for anyone to access an infected system and retrieve or upload data.

"The security level this trojan leaves the infected systems in is comparable to it setting all passwords to '1234'," says the CCC.

1 comment:

  1. very well explained thanks for sharing your valuable blog these are very useful to me.

    German Translation Services

    ReplyDelete