The Swiss creator of a Skype Trojan that can intercept calls made using the VoIP program has released the Trojan's source code online in an attempt to allow for its widespread detection.
In a translated interview with gulli.com, Ruben Unteregger says that with the Trojan's publication, "it will get analysed... signature patterns will be created by antivirus companies, the malware will be detected, blocked and deleted, if it tries to infect a system."
Previous reports from the IDG News Service tied the in-development Skype Trojan to the Swiss Department of the Environment, Transport, Energy and Communications, which reportedly hired Unteregger's company to create the digital wiretap. (more)
Showing posts sorted by relevance for query skype. Sort by date Show all posts
Showing posts sorted by relevance for query skype. Sort by date Show all posts
Friday, August 28, 2009
Wednesday, September 17, 2008
Bavarian Police Seeking Skype Trojan Informant
Germany - Bavarian police searched the home of the spokesman for the German Pirate Party (Piratenpartei Deutschland) looking for an informant who leaked information about a government Trojan used to eavesdrop on Skype conversations. (more)
Sunday, November 25, 2012
Patent Wars - VoIP Wiretaps
After Microsoft acquired Skype, we looked at a Microsoft patent called "Legal Intercept" meant for monitoring and recording VoIP communications. At that time, there were questions about if Microsoft would ruin Skype by making a backdoor for easy spy and pry government and law enforcement access. But a California-based company called VoIP-Pal already had such a surveillance patent that is meant to "allow government agencies to 'silently record' VoIP communications."
The Microsoft patent was filed in December 2009, but a company called Digifonica (International) Limited had filed a similar wiretapping VoIP patent in 2007. Then, in May 2012, VoIP-Pal attained five VoIP patents from the acquisition of Digifonica Gibraltar. One of the five patents is called "Lawful Intercept" and is meant for "intercepting VoIP and other data communications." (more)
The Microsoft patent was filed in December 2009, but a company called Digifonica (International) Limited had filed a similar wiretapping VoIP patent in 2007. Then, in May 2012, VoIP-Pal attained five VoIP patents from the acquisition of Digifonica Gibraltar. One of the five patents is called "Lawful Intercept" and is meant for "intercepting VoIP and other data communications." (more)
Wednesday, October 23, 2013
No Jail for Skype Sex Scandal Cadets
Australia - The two men at the centre of the Australian Defence Force Academy Skype scandal have avoided jail time.
Daniel McDonald, 21, secretly filmed himself having sex with a female cadet and streamed it live to Dylan Deblaquiere, 21, in a nearby dorm room at ADFA in Canberra in 2011.
Earlier this year a jury found the pair guilty of sending offensive material over the internet without consent. McDonald was also found guilty of an act of indecency.
In sentencing today in the ACT Supreme Court, Acting Justice John Nield rejected jail time... Instead he handed McDonald two 12-month good behaviour bonds, to be served concurrently, and Deblaquiere a single 12-month good behaviour bond. He warned they will go to jail if they breach their orders... "General deterrence has been achieved," he said...
The Department of Defence has confirmed it will take action in relation to McDonald. (more)
Daniel McDonald, 21, secretly filmed himself having sex with a female cadet and streamed it live to Dylan Deblaquiere, 21, in a nearby dorm room at ADFA in Canberra in 2011.
Earlier this year a jury found the pair guilty of sending offensive material over the internet without consent. McDonald was also found guilty of an act of indecency.
In sentencing today in the ACT Supreme Court, Acting Justice John Nield rejected jail time... Instead he handed McDonald two 12-month good behaviour bonds, to be served concurrently, and Deblaquiere a single 12-month good behaviour bond. He warned they will go to jail if they breach their orders... "General deterrence has been achieved," he said...
The Department of Defence has confirmed it will take action in relation to McDonald. (more)
Sunday, February 15, 2009
Italy police warn of Skype threat
Criminals in Italy are increasingly making phone calls over the internet in order to avoid getting caught through mobile phone intercepts, police say... The police say Skype's encryption system is a secret which the company refuses to share with the authorities. (more)
Wednesday, April 6, 2011
SpyCam Story #606 - Another Covert Skype'r
The 18-year-old, identified as 'Kate', says she had consensual sex with another first-year cadet but it was transmitted by Skype to six cadets in another room without her knowledge. (more)
Tuesday, April 7, 2009
Thus driving intelligence agencies, nuts.
Skype has become the world's single largest provider of international calls, surpassing even incumbent telcos like AT&T. (more)
Skype's strong encryption has been providing the illusion of "untappable" communications to many groups security agencies would like to monitor. (more)
Skype's strong encryption has been providing the illusion of "untappable" communications to many groups security agencies would like to monitor. (more)
Tuesday, August 30, 2011
Libyan Spy Center Provides Glimpse of Government Capabilities Worldwide
via The Wall Street Journal...
On the ground floor of a six-story building here, agents working for Moammar Gadhafi sat in an open room, spying on emails and chat messages with the help of technology Libya acquired from the West. The recently abandoned room is lined with posters and English-language training manuals stamped with the name Amesys, a unit of French technology firm Bull SA, which installed the monitoring center...
Earlier this year, Libyan officials held talks with Amesys and several other companies including Boeing Co.'s Narus, a maker of high-tech Internet traffic-monitoring products, as they looked to add sophisticated Internet-filtering capabilities to Libya's existing monitoring operation, people familiar with the matter said.
Libya is one of several Middle Eastern and North African states to use sophisticated technologies acquired abroad to crack down on dissidents. Tech firms from the U.S., Canada, Europe, China and elsewhere have, in the pursuit of profits, helped regimes block websites, intercept emails and eavesdrop on conversations...
The Tripoli Internet monitoring center was a major part of a broad surveillance apparatus built by Col. Gadhafi to keep tabs on his enemies. Amesys in 2009 equipped the center with "deep packet inspection" technology, one of the most intrusive techniques for snooping on people's online activities, according to people familiar with the matter.
Chinese telecom company ZTE Corp. also provided technology for Libya's monitoring operation, people familiar with the matter said. Amesys and ZTE had deals with different arms of Col. Gadhafi's security service, the people said. A ZTE spokeswoman declined to comment.
VASTech SA Pty Ltd, a small South African firm, provided the regime with tools to tap and log all the international phone calls going in and out of the country, according to emails reviewed by The Wall Street Journal and people familiar with the matter. VASTech declined to discuss its business in Libya due to confidentiality agreements.
Libya went on a surveillance-gear shopping spree after the international community lifted trade sanctions in exchange for Col. Gadhafi handing over the suspects in the 1988 bombing of Pan Am flight 103 and ending his weapons of mass destruction program...
The Tripoli spying center reveals some of the secrets of how Col. Gadhafi's regime censored the populace. The surveillance room, which people familiar with the matter said Amesys equipped with its Eagle system in late 2009, shows how Col. Gadhafi's regime had become more attuned to the dangers posed by Internet activism...
The Eagle system allows agents to observe network traffic and peer into people's emails, among other things. In the room, one English-language poster says: "Whereas many Internet interception systems carry out basic filtering on IP address and extract only those communications from the global flow (Lawful Interception), EAGLE Interception system analyses and stores all the communications from the monitored link (Massive interception)."
On its website, Amesys says its "strategic nationwide interception" system can detect email from Hotmail, Yahoo and Gmail and see chat conversations on MSN instant messaging and AIM. It says investigators can "request the entire database" of Internet traffic "in real time" by entering keywords, email addresses or the names of file attachments as search queries...
Across town from the Internet monitoring center at Libya's international phone switch, where telephone calls exit and enter the country, a separate group of Col. Gadhafi's security agents staffed a room equipped with VASTech devices, people familiar with the matter said. There they captured roughly 30 to 40 million minutes of mobile and landline conversations a month and archived them for years, one of the people said.
Capabilities such as these helped Libya sow fear as the country erupted in civil war earlier this year. Anti-Gadhafi street demonstrators were paranoid of being spied on or picked up by the security forces, as it was common knowledge that the regime tapped phones. Much of the early civil unrest was organized via Skype, which activists considered safer than Internet chatting. But even then they were scared. (more)
Tuesday, July 11, 2017
Android Malware Steals Data From 40 Apps
A newly uncovered form of Android malware aims to steal data from over 40 popular apps including Facebook, WhatsApp, Skype and Firefox - and the trojan has been actively engaging in in this illicit activity for almost two years.
Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.
The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more
Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more
Saturday, March 3, 2012
NSA-Level Cell Phone Security (No, you can't have one.)
The US National Security Agency has modified Google’s Android operating system to create smart phones that use powerful encryption to protect every call. The “Fishbowl” devices were announced today at the RSA security conference in San Francisco by Margaret Salter, the agency’s Technical Director, who said she hoped to encourage companies to adopt some of ideas used in the system.
Such was the interest in the NSA’s presentation that this reporter – and most others – weren't able to gain access to the room where the demo was held. Australian IT publication SC Magazine did, though, reporting that Salter said 100 Fishbowl phones are being used to test the new technology. The Fishbowl phones allow fully encrypted calls that can be used to discuss the most classified information. Commercially available phones would require NSA employees to “speak in code”, SC say. The NSA has made rough specifications of the system available online. They show that Fishbowl phones make calls using a Skype-style VOIP app that routes connections through NSA servers. (more)
Friday, September 3, 2010
RIM Shot... and you're next Skype
The ITU is primarily concerned with regulating global radio spectrum usage, supervising telecommunications standards processes, and helping regulate communication satellite orbits and transmission... the agency has no formal regulatory.. however, Toure’s comments certainly reflect the general sentiments of the ITU’s 192 members.
Canada’s RIM has recently faced regulatory issues in a number of countries over encrypted communications handled by its BlackBerry services, with governments like Saudi Arabia, the United Arab Emirates, India, Indonesia, and Lebanon all insisting that their governments be permitted access to BlackBerry users’ communications. (more)
Friday, November 9, 2012
Government Strength Mobile Spyware
In the secretive world of surveillance technology, he goes just by his initials: MJM. His mystique is such that other security professionals avoid using wireless Internet near him...
MJM -- Martin J. Muench -- is the developer of Andover, U.K.-based Gamma Group’s FinFisher intrusion software, which he sells to police and spy agencies around the world for monitoring computers and smartphones to intercept Skype calls, peer through Web cameras and record keystrokes...
Of Gamma’s products, FinFisher has become the flashpoint. It represents the leading edge of a largely unregulated trade in cybertools that is transforming surveillance, making it more intrusive as it reaches across borders and spies into peoples’ digital devices, whether in their living rooms or back pockets...
...researchers including Claudio Guarnieri of Boston-based security risk-assessment company Rapid7; Bill Marczak, a computer science doctoral candidate at the University of California Berkeley; and Marquis-Boire, whose day job is working as a security engineer at Google Inc., found computers that appeared to be command servers for FinSpy in at least 15 countries.
They also documented FinSpy’s ability to take over mobile phones -- turning on microphones, tracking locations and monitoring e-mails...
On Oct. 12, U.S. law enforcement officials warned smartphone users to protect themselves against FinFisher, calling it malware, or malicious software.
“FinFisher is a spyware capable of taking over the components of a mobile device,” the Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and National White Collar Crime Center, said in a Website alert to the public. “FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.”
FinSpy Mobile can infect almost every kind of device, including Apple Inc.’s iPhones and smartphones running Google’s Android or Microsoft Corp.’s Windows systems, according to a pamphlet Muench provides. (more)
Of Gamma’s products, FinFisher has become the flashpoint. It represents the leading edge of a largely unregulated trade in cybertools that is transforming surveillance, making it more intrusive as it reaches across borders and spies into peoples’ digital devices, whether in their living rooms or back pockets...
...researchers including Claudio Guarnieri of Boston-based security risk-assessment company Rapid7; Bill Marczak, a computer science doctoral candidate at the University of California Berkeley; and Marquis-Boire, whose day job is working as a security engineer at Google Inc., found computers that appeared to be command servers for FinSpy in at least 15 countries.
They also documented FinSpy’s ability to take over mobile phones -- turning on microphones, tracking locations and monitoring e-mails...
On Oct. 12, U.S. law enforcement officials warned smartphone users to protect themselves against FinFisher, calling it malware, or malicious software.
“FinFisher is a spyware capable of taking over the components of a mobile device,” the Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and National White Collar Crime Center, said in a Website alert to the public. “FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.”
FinSpy Mobile can infect almost every kind of device, including Apple Inc.’s iPhones and smartphones running Google’s Android or Microsoft Corp.’s Windows systems, according to a pamphlet Muench provides. (more)
Tuesday, February 7, 2023
NY AG Spikes Spyware
Since 2011, Hinchy has owned and operated numerous companies, including the 16 investigated by the New York OAG, for selling and promoting spyware targeting Android and iOS devices, including Auto Forward, Easy Spy, DDI Utilities, Highster Mobile, PhoneSpector, Surepoint, and TurboSpy.
Once installed on victim devices, the spyware would collect and exfiltrate data such as call logs, text messages, photos, videos, emails, Chrome browser data, location, and data from messaging and social media applications, including WhatsApp, Skype, Facebook, Instagram, and Twitter.
The spyware was sold to ‘customers’ looking to spy on their spouse, colleagues, or other individuals, and was installed on the victims’ devices without their knowledge and without notifying them of the data collection and exfiltration activities...
Collected data, the New York OAG has discovered, was being transmitted in an insecure manner, which exposed it to potential cyberattacks and snooping...
The New York OAG fined Hinchy and his companies $410,000 in penalties and ordered them to modify the software so that it would notify device owners of the data collection activities. more
Sunday, May 20, 2012
Meet Your New Back Door Friend...
Will Congress require social networks, online voice over IP (VoIP) services, and Webmail providers to build in backdoors that could be used for electronic surveillance purposes by the FBI?
According to one news report, FBI officials have been meeting with Facebook, Google, Microsoft (which owns Skype and Hotmail), and Yahoo, among other companies. The goal apparently isn't to promote the bureau's push for expanded wiretapping capabilities, but rather to ask how that be implemented while causing minimal disruption for the companies with networks that would be directly accessed...
Six Key Points to Consider
1. Bureau Warns About Going Dark. The bureau has already been asking Congress for broader surveillance powers to help it keep up with new technologies....
Six Key Points to Consider
1. Bureau Warns About Going Dark. The bureau has already been asking Congress for broader surveillance powers to help it keep up with new technologies....
2. Proposed CALEA Revisions Would Update 1994 Law. Accordingly, the FBI wants Congress to expand the Communications Assistance for Law Enforcement Act (CALEA)...
3. Questions Remain Over Wiretapping Scope. Just how often does the FBI need to use wiretapping during an investigation? That's not clear. According to an FBI website about CALEA, wiretapping "is used infrequently and then only to combat the most serious crimes and terrorism."...
4. Civil Liberties Groups See Slippery Slope. Civil rights groups have warned that granting law enforcement agencies new surveillance powers could lead to a decrease in the privacy protections that people currently enjoy...
5. Will Technology Companies Back CALEA Expansion?...
6. Backdoors May Facilitate Unauthorized Access. Wiretapping backdoors could also make online services more vulnerable to attackers.... (more)
Friday, May 27, 2011
Yipes Skypes! VoIP Phone Encryption - Busted.
A team of researchers and linguists have found a fatal flaw in supposedly encrypted internet phone calls that allow them to eavesdrop on conversations.University of North Carolina scientists took a novel approach to 'listening in' on voice-over-internet-protocol (VoIP) conversations by analysing the 'encrypted' data packets used to transmit people's conversations.
VOIP services such as Skype transmit speech over the internet by encoding and the encrypting the conversation into individual data packets.
According to The New Scientist, Linguists noticed the size of each packet mirrored the composition of the original speech itself - allowing them to reconstruct words and phrases from the original voice.
By splitting the packet sequences into phonemes - the smallest sounds that make up a language - linguists were able to reconstruct the data into discernible words. (more)
Tuesday, February 25, 2014
Computer Allegedly Bugged by Ethiopians
A Maryland man is suing the Ethiopian government after it was discovered that it infected his computer with spyware, wiretapped his calls made via Skype, and monitored his family’s computers for months.
"We have clear evidence of a foreign government secretly infiltrating an American's computer in America, listening to his calls, and obtaining access to a wide swath of his private life," said Electronic Frontier Foundation staff attorney Nate Cardozo.
"The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. (more)
"We have clear evidence of a foreign government secretly infiltrating an American's computer in America, listening to his calls, and obtaining access to a wide swath of his private life," said Electronic Frontier Foundation staff attorney Nate Cardozo.
"The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. (more)
Sunday, September 30, 2007
USB BUG
Another good reason not to allow laptops into proprietary meetings and conferences..."This is the smallest, high-sensitivity, high gain USB microphone available, and is our most popular choice for court reporters, students, business people, voice recognition purposes, Skype communication, VOIP and Podcasting - anyone that needs to get high quality audio into a computer!
This mic our 'stealthiest' USB microphone!" Windows & MAC
(more)(sample audio)
Friday, December 23, 2011
When Spy Worlds Collide - It's a Paranoia Ride - Hackers Stop to Shop
The intelligence operative sits in a leather club chair, laptop open, one floor below the Hilton Kuala Lumpur’s convention rooms, scanning the airwaves for spies.
In the salons above him, merchants of electronic interception demonstrate their gear to government agents who have descended on the Malaysian capital in early December for the Wiretapper’s Ball, as this surveillance industry trade show is called.
As he tries to detect hacker threats lurking in the wireless networks, the man who helps manage a Southeast Asian country’s Internet security says there’s reason for paranoia. The wares on offer include products that secretly access your Web cam, turn your cell phone into a location-tracking device, recognize your voice, mine your e-mail for anti-government sentiment and listen to supposedly secure Skype calls.
He isn’t alone watching his back at this cyber-arms bazaar, whose real name is ISS World.
For three days, attendees digging into dim sum fret about losing trade secrets to hackers, or falling prey to phone interception by rival spies. They also get a tiny taste of what they’ve unleashed on the outside world, where their products have become weapons in the hands of regimes that use the gear to track and torture dissidents. (more)
As he tries to detect hacker threats lurking in the wireless networks, the man who helps manage a Southeast Asian country’s Internet security says there’s reason for paranoia. The wares on offer include products that secretly access your Web cam, turn your cell phone into a location-tracking device, recognize your voice, mine your e-mail for anti-government sentiment and listen to supposedly secure Skype calls.
He isn’t alone watching his back at this cyber-arms bazaar, whose real name is ISS World.
For three days, attendees digging into dim sum fret about losing trade secrets to hackers, or falling prey to phone interception by rival spies. They also get a tiny taste of what they’ve unleashed on the outside world, where their products have become weapons in the hands of regimes that use the gear to track and torture dissidents. (more)
Wednesday, September 14, 2016
Hey Kids - Learn How to Operate a Stingray IMSI-Catcher!
Using mass surveillance software without a warrant is almost as easy as installing Skype, according to leaked footage and instruction manuals for Harris Corp. stingray devices.
The footage, obtained by the Intercept, shows Harris Corp.'s Gemini software being used on a personal computer demonstrating how accessible the program is with a noticeable lack of any registration keys, proof of ownership, or safety measures to ensure the software was only used for authorized purposes.
The manuals include instructions for several Harris surveillance boxes, including the Hailstorm, ArrowHead, AmberJack, KingFish and other products in the RayFish Product Family.
Some features mentioned in the manuals are the ability to impersonate four cellular communication towers at once, monitor up to four cellular provider networks at once, and the ability to knock a targets devices down to an inferior network, such as from LTE to 2G.
The manual also details how to set up a target or “subscriber” and how to set up bulk surveillance, according to a Gemini device “Quick Start Guide” that was leaked on DocumentCloud. more
The footage, obtained by the Intercept, shows Harris Corp.'s Gemini software being used on a personal computer demonstrating how accessible the program is with a noticeable lack of any registration keys, proof of ownership, or safety measures to ensure the software was only used for authorized purposes. The manuals include instructions for several Harris surveillance boxes, including the Hailstorm, ArrowHead, AmberJack, KingFish and other products in the RayFish Product Family.
Some features mentioned in the manuals are the ability to impersonate four cellular communication towers at once, monitor up to four cellular provider networks at once, and the ability to knock a targets devices down to an inferior network, such as from LTE to 2G.
The manual also details how to set up a target or “subscriber” and how to set up bulk surveillance, according to a Gemini device “Quick Start Guide” that was leaked on DocumentCloud. more
Monday, September 24, 2007
Wiretapping for Dollars!
Companies like Google scan their e-mail users’ in-boxes to deliver ads related to those messages. Will people be as willing to let a company listen in on their phone conversations to do the same?
Pudding Media, a start-up based in San Jose, Calif., is introducing an Internet phone service today that will be supported by advertising related to what people are talking about in their calls. The Web-based phone service is similar to Skype’s online service — consumers plug a headset and a microphone into their computers, dial any phone number and chat away. But unlike Internet phone services that charge by the length of the calls, Pudding Media offers calling without any toll charges.
The trade-off is that Pudding Media is eavesdropping on phone calls in order to display ads on the screen that are related to the conversation. Voice recognition software monitors the calls, selects ads based on what it hears and pushes the ads to the subscriber’s computer screen while he or she is still talking. (more)
Think about this...
• NSA level technology is now a free advertising gimmick.
• Your secrets are more vulnerably now than at any other time in history.
• The cost per-conversation-eavesdropped-on is at its lowest.
• The likelihood that your business will be wiretapped is at its highest.
Today's Wall Street Journal discusses government's obligation to protect its assets, "proactive electronic surveillance operations are essential." Businesses must also protect their assets.
Solution...
• Proactive Counter-surveillance Inspections (PCI).
Top corporate security programs already include PCI as an essential element. Other businesses (and government agencies) are adding it at a record pace.
Need to know more?
Check here.
Pudding Media, a start-up based in San Jose, Calif., is introducing an Internet phone service today that will be supported by advertising related to what people are talking about in their calls. The Web-based phone service is similar to Skype’s online service — consumers plug a headset and a microphone into their computers, dial any phone number and chat away. But unlike Internet phone services that charge by the length of the calls, Pudding Media offers calling without any toll charges.
The trade-off is that Pudding Media is eavesdropping on phone calls in order to display ads on the screen that are related to the conversation. Voice recognition software monitors the calls, selects ads based on what it hears and pushes the ads to the subscriber’s computer screen while he or she is still talking. (more)
Think about this...
• NSA level technology is now a free advertising gimmick.
• Your secrets are more vulnerably now than at any other time in history.
• The cost per-conversation-eavesdropped-on is at its lowest.
• The likelihood that your business will be wiretapped is at its highest.
Today's Wall Street Journal discusses government's obligation to protect its assets, "proactive electronic surveillance operations are essential." Businesses must also protect their assets.
Solution...
• Proactive Counter-surveillance Inspections (PCI).
Top corporate security programs already include PCI as an essential element. Other businesses (and government agencies) are adding it at a record pace.
Need to know more?
Check here.
Subscribe to:
Posts (Atom)