gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76793 Posts in 13502 Topics by 1651 Members - Latest Member: Arnold99 November 24, 2024, 06:47:43 pm
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  NSA reportedly intercepting laptops purchased online to install spy malware
gfx
gfxgfx
 

Author Topic: NSA reportedly intercepting laptops purchased online to install spy malware  (Read 1056 times)

0 Members and 1 Guest are viewing this topic.

http://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-laptop-usb-plant-spy

Quote
According to a new report from Der Spiegel based on internal NSA documents, the signals intelligence agency's elite hacking unit (TAO) is able to conduct sophisticated wiretaps in ways that make Hollywood fantasy look more like reality. The report indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories in order to implant bugs before they reach their destinations. According to Der Spiegel, the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access.

While the report does not indicate the scope of the program, or who the NSA is targeting with such wiretaps, it's a unique look at the agency's collaborative efforts with the broader intelligence community to gain hard access to communications equipment. One of the products the NSA appears to use to compromise target electronics is codenamed COTTONMOUTH, and has been available since 2009; it's a USB "hardware implant" that secretly provides the NSA with remote access to the compromised machine.

This tool, among others, is available to NSA agents through what Der Spiegel describes as a mail-order spy catalog. The report indicates that the catalog offers backdoors into the hardware and software of the most prominent technology makers, including Cisco, Juniper Networks, Dell, Seagate, Western Digital, Maxtor, Samsung, and Huawei. Many of the targets are American companies. The report indicates that the NSA can even exploit error reports from Microsoft's Windows operating system; by intercepting the error reports and determining what's wrong with a target's computer, the NSA can then attack it with Trojans or other malware.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Nothing new in all this from what I can see except that now the public can talk about it and not be looked at as if they  where "internet conspiracists", a term used by the ignorant to make fun of those who dont believe everything they are fed on a plate, small things like the rule of law and constitutional protections spring to mind.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
...WTF??

--edit--

anyone know of a program that can find these little 'toys' the NSA added to these machines?

monitor outgoing traffic, a firewall should stop outgoing traffic you don't authorise shouldn't it?

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
would need that firewall to be a seperate piece of hardware (also verified non-corrupt) if the computer has 'holes' already drilled it it for the NSA...

Your USB cable, the spy: Inside the NSA’s catalog of surveillance magic
« Reply #5 on: January 01, 2014, 02:50:05 am »
http://arstechnica.com/information-technology/2013/12/inside-the-nsas-leaked-catalog-of-surveillance-magic/

Quote
In some cases, the NSA has modified the firmware of computers and network hardware—including systems shipped by Cisco, Dell, Hewlett-Packard, Huawei, and Juniper Networks—to give its operators both eyes and ears inside the offices the agency has targeted. In others, the NSA has crafted custom BIOS exploits that can survive even the reinstallation of operating systems. And in still others, the NSA has built and deployed its own USB cables at target locations—complete with spy hardware and radio transceiver packed inside....

...There’s no indication from the documents that the manufacturers played any role in the development or delivery of the backdoors (something that manufacturers are now loudly telling their customers, too). The documents, which appear to be pages from a catalog of capabilities provided by the NSA's ANT division for the NSA’s Tailored Access Operations (TAO) division, show that many of the tools on offer are ordinary Windows exploits designed to use parts of the operating system to “phone home” to the NSA with data; like most malware, these packages can be dropped in place remotely and are probably the least interesting of the new revelations.

Hardware- and firmware-based backdoors, by contrast, require laying hands on the actual target systems. In some cases, the NSA’s operators install backdoor hardware and firmware directly onto the systems by “interdiction”—the systems are diverted during shipping to “load stations” where the surveillance components are installed. (This interception may have been accomplished with the cooperation of shipping companies or other government agencies; details of the process remain murky.) In other cases, the NSA uses an insider with a USB device or remote access tools deployed by other means to gain access to computer systems, allowing the NSA to “reflash” their low-level BIOS firmware.

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  NSA reportedly intercepting laptops purchased online to install spy malware
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.009 seconds with 22 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!