Chaos Computer Club cracks Germany's illegal government malware, a trojan that spies on your PC and lets anyone off the street hijack it


21 Responses to “Chaos Computer Club cracks Germany's illegal government malware, a trojan that spies on your PC and lets anyone off the street hijack it”

  1. Doran says:

    At least we can be confident that this kind of malware would never EVER be used by the U.S. government.

  2. Haz 0 says:

    Another piece of evidence for the case for using open source. Share your knowledge!

    • wildemar says:

      How is this “evidence for the case for using open source”? The authorities didn’t even admit to having that piece of software in the first place.

  3. andygates says:

    Smells like class action lawsuit time.

  4. this is actually rather sad.
    as of this morning, the bavarian minister for internal affairs (it’s his responsibility to keep stuff like this from happening) has entered a state of active denial and has last been seen sputtering erratic monosyllabic nonsense into any available microphone - 

    the little software gem is not some blunder, but A BREACH OF OUR CONSTITUTION.

    it’s pretty much a TSHTF situation.

    oh, and meanwhile in the “clowns to the left of me, jokers to the right” department,
    speakers for both the german police union and the union for german policemen
    demand that from now on only officially certified software shall be used for black ops.

    *sigh*

  5. mike says:

    They published the binaries, not the source code.

  6. Cowicide says:

    The funny thing is I checked out the binaries and they are for Windows, not Mac. But the screenshot shows a Mac interface. Is this some kind of joke or am I missing something here?

    Or maybe the deal is the client is for Mac OS X and it doesn’t infect the Mac at all. You can just use the client with Mac to control the infected Windows PCs that have the actual trojan running on them.

    • retepslluerb says:

      The screenshot you are seeing is the interface remote control program, written by the CCC guys to demonstrate that they were able to hijack the Trojan.

      Don’t know why they did that on a Mac, probably because the logger itself seems to be Windows only?

    • Fabian Giesen says:

      That’s a screenshot of the Command & Control interface the CCC created by reverse engineering the Trojan. We don’t know what the “official” C&C interface looks like, it wasn’t leaked or anything – this was done by analyzing an infected machine. (Or, more precisely, by analyzing its hard drive)

      • Cowicide says:

        Right, I guess it would be more boring to simply show the dll code, etc. – Using a Mac Client to attack PCs goes in line with other stuff I’ve, er… witnessed… but you usually don’t see this stuff in mainstream news like this.. haha… ok, I’ll stop here.

    • radioman says:

      »You can just use the client with Mac to control the infected Windows PCs that have the actual trojan running on them.«

      That is right: The client is for Mac OS X, the trojan is for Windows.

      -> http://youtu.be/h0ix1Rn6rXY

  7. corydodt says:

    Come on, now.

    Do the responsible thing, and use this malware to pwn the government to fix the problem. They’ve given you the technology fix you need, already. Just alter the constitution to make it unconstitutional and start issuing warrants for the arrest of the people responsible. (I’m sure you can find their identities through the use of the same malware.)

  8. Thomas Heimann says:

    It’s not entirely correct that “The German supreme court banned the use of trojans to spy on German citizens in 2008.” Instead, the court tried to distinguish between “good” and “bad” trojans; a distinction which does not work in real life. Thanks to the CCC – you’re doing an extraordinary job.

  9. ffabian says:

    Specifically, the German Supreme Court allowed the use of Trojans only to spy on communications made with the PC (VOIP, Chat, Email) and only to prevent crimes that endanger human lives. Any other data on the infected computer is protected and not allowed to be spied on, but the discovered Trojan has the capability to do more: upload stuff, make screenshots, access built-in webcams etc. – in short: do stuff it’s not allowed to do. The important question is: Was the Trojan used and for what?

  10. Draxlith says:

    Does German law take into account chain of custody like US law? If so, wouldn’t the fact that ‘anyone’ can get into this system mean that chain of custody is broken, and all evidence related to computers with this malware is no longer admissible? I hope so, because that would be amazing.

    • t3kna2007 says:

      > If so, wouldn’t the fact that ‘anyone’ can get
      > into this system mean that .. all evidence
      > related to computers with this malware
      > is no longer admissible?

      No, because that would make sense, and that’s not how things work. You’re thinking of a different planet.

  11. videobored says:

    Ummmmmmm….. buttr cola.
