10 Oct 2011
Hacker group Chaos Computer Club (CCC) has uncovered a new piece of Trojan malware that it argues is being used by German police forces to spy on users' screens and internet communication such as Skype calls and instant messaging.
German courts allow the use of malware by law enforcement agencies if they have obtained the appropriate legal approval. However, since 2008 the so-called Quellen-TKÜ software can only be used to tap VoIP calls.
Although it has not revealed any hard evidence linking the piece of malware it analysed – dubbed R2D2 – to Quellen-TKÜ, the CCC is claiming it is a government-backed Bundestrojaner, or "federal Trojan".
It argued that the functionality of the malware goes "much further than to just observe and intercept internet-based telecommunication, and thus violates the terms set by the constitutional court".
"The Trojan can, for example, receive uploads of arbitrary programs from the internet and execute them remotely," read the blog. "Activation of the computer's hardware like microphone or camera can be used for room surveillance."
Because the Trojan gives its operator complete control over a victim's PC, it could even provide the ability to upload falsified evidence against the PC owner, said the CCC.
"This refutes the claim that an effective separation of just wiretapping internet telephony and a full-blown Trojan is possible in practice – or even desired," said a CCC spokesperson.
"Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully. In this case functions clearly intended for breaking the law were implemented in this malware: they were meant for uploading and executing arbitrary code on the targeted system."
A Sophos investigation into the Trojan found that it is able to snoop not just on Skype but also on Yahoo Messenger, MSN and other communications apps, as well as log keystrokes and even take screenshots of users' screens.
However, Sophos senior technology consultant, Graham Cluley, cautioned that the German authorities have so far not admitted any involvement.
"The comments in the Trojan's binary code could just as easily be planted by someone mischievously wanting the Trojan to be misidentified as the infamous Bundestrojaner," he argued.
You're missing the point
Damian, the problem is that the State is SPYING ON ITS PEOPLE. Don't try to make it sound less serious than it is.
Posted by: Jeff 11 Oct 2011
Problem with messaging
Is the problem here that the code was gathering information that could potentially be used by the Police to enforce acceptable use throughout the organisation - or that they neglected to use appropriate notification and have therefore offended employees and employee councils?
Posted by: Damian 10 Oct 2011