> Hi List, > > i thougt this could be interesting. My english is not very good so i > copied > the following information from FSecure ( > http://www.f-secure.com/weblog/archives/00002249.html) > > "Chaos Computer Club from Germany has tonight announced that they have > located a backdoor trojan used by the German Goverment. > > The announcment was made public on ccc.de <http://www.ccc.de/> with a > detailed 20-page analysis of the functionality of the malware. Download > the > report in > PDF<http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf>(in > German) > > The malware in question is a Windows backdoor consisting of a DLL and a > kernel driver. > > The backdoor includes a keylogger that targets certain applications. These > applications include *Firefox, Skype, MSN Messenger, ICQ* and others. > > The backdoor also contains code intended to take screenshots and record > audio, including recording Skype calls. > > In addition, the backdoor can be remotely updated. Servers that it > connects > to include 83.236.140.90 and 207.158.22.134" > > According to CCC Germany the backdoor could also be exploited by third > parties. You can download it from > http://www.ccc.de/system/uploads/77/original/0zapftis-release.tgz . > You'll > need gzip and tar to get the .dll and the .sys file.
Based on what they think the german goverment is behind this trojan? >From F-Secure: >We have never before analysed a sample that has been suspected to be >governmental backdoor. We have also never been asked by any government to >avoid detecting their backdoors. Is not it obvious? Which goverment want to say it 'Hi, we do this shit too ... ' _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
