On October 8, Berlin’s hacking collective the Chaos Computer Club (CCC) announced it had analysed a piece of software it believed had been. The famous Chaos Computer Club (CCC) has announced the been variously dubbed “0zapftis”, “Bundestrojaner” or “R2D2” – is likely to kick. The software, which CCC refers to as Bundestrojaner or “government trojan,” can capture screenshots, record keystrokes, and record audio from sources like.

Author: Samubei Zulunos
Country: Rwanda
Language: English (Spanish)
Genre: Personal Growth
Published (Last): 6 May 2014
Pages: 222
PDF File Size: 4.51 Mb
ePub File Size: 1.28 Mb
ISBN: 368-8-22482-843-6
Downloads: 27918
Price: Free* [*Free Regsitration Required]
Uploader: Tojar

The Official Samsung Galaxy Site. The Federal Ministry of the Interior released a statement in which they denied that R2-D2 has been used by the Federal Criminal Police Office BKA ; this statement however does not eliminate the possibility that it has been used by state-level German police forces. Inthe CCC celebrated its twentieth birthday with an interactive light installation dubbed Project Blinkenlights that turned the building Haus des Lehrers in Berlin into a giant computer screen.

Chaos Computer Club

You are commenting using your Twitter account. Companies that have declared their approach to detecting all malware should be favoured.

The screenshots and audio files it sends out are encrypted in an incompetent way, the commands from the control software to the trojan are even completely unencrypted. Any attacker could assume control of a computer infiltrated by the German law enforcement authorities”, commented a speaker of the CCC.

Second, it brings into question the use of government sponsored anti-virus initiatives unless they give free choice of vendors to the public. The Federal Constitutional Bindestrojaner of Germany has ruled that the police may only use such programs for telephony wiretapping, and for no other purpose, and that this bundestrojsner should be enforced through technical and legal means. Activation of the computer’s hardware like microphone or camera can be used for room surveillance.

‘Government’ backdoor R2D2 Trojan discovered by Chaos Computer Club

Beyond the intrusive nature of the software they analyzed, the CCC says that existing versions of the trojan are poorly secured. The CCC expressed hope that this farce is not representative for exceptionally strict quality control in federal agencies. You are commenting using your WordPress.


Why would you trust a government sponsored anti-virus software package if they are also producing malware for general use? Australian cyberattacks Operation Aurora Operation Payback.

The captured screenshots bunfestrojaner audio files were encrypted, but so incompetently that the encryption was ineffective. With its help it is possible to watch screenshots of the web browser on the infected PC — including private notices, emails or texts in web based cloud services. The analysis concludes, that the trojan’s developers never even tried to put in technical safeguards to make sure the malware can exclusively be used for wiretapping internet telephony, as set forth by the constitution court.

I’m sure more governments, if they haven’t already, will start doing things like this. This article first appeared on The Conversation. In the announcement of their findings, the CCC says that they have already informed governmental agencies of their findings and their intention to release the information publicly.

Intro to AI for Security Professionals. Ina ruling by a German Constitutional Court restricted use to cases in which human lives or state property were in danger, and only after permission had been granted by a judge.

The largest European hacker club, “Chaos Computer Club” CCChas reverse engineered and analyzed a “lawful interception” malware program used by German police forces.

Share it with us anonymously here. The program could also be remotely updated and potentially used to install and run other programs.

The official claim of a strict separation of lawful interception of internet telephony and the digital sphere of privacy has no basis in reality. The CCC’s findings were widely reported in the German press.

Chaos Computer Club – Wikipedia

That project allowed for full online surveillance of a particular internet address. Chaos Computer Club analyzes government malware The software, which CCC refers to as Bundestrojaner or “government trojan,” can capture screenshots, record keystrokes, and record audio from sources like Skype calls. The legislator should put an end to the ever growing expansion of computer spying that has been getting out of hand in recent years, and finally come up with an unambiguous definition for the digital privacy sphere and with a way bundetsrojaner protect it effectively.


The money was returned the next day in front of the press. Retrieved from ” https: Bundestrojaner sparks war of words By David Glance on Oct 11, Abased off a string of code in the software used to initiate data transmission.

‘Government’ backdoor R2D2 Trojan discovered by Chaos Computer Club – Naked Security

If possible, verify the text with references provided in the foreign-language article. Accessed September bundestrojanfr, Do not translate text that appears unreliable or low-quality. South Korea cyberattack Snapchat hack Yahoo! Computer clubs in Germany Hacker groups Organisations based in Hamburg. Sophos Mobile Security for Android. Government use of malware The use of backdoor trojan software by law enforcement agencies came to the fore in when the NSA or FBI were rumoured to have produced software known as Magic Lantern.

View a machine-translated version of the German article. Got a news tip for our journalists? Email Address never made public. Abased off a string of code in the software used to initiate data transmission.

Interview zum Projekt “Chaos macht Schule ” ” in German. The analysis also revealed serious security holes that the trojan is tearing into infected systems. The software was controllable over the Internet, but the commands were sent completely un encryptedwith no checks for authentication or integrity.