Slashdot Mirror

← Back to Stories (view on slashdot.org)

American Targeted By Digital Spy Tool Sold To Foreign Governments

Posted by Soulskill on from the upping-the-stakes dept.

An anonymous reader points out a report in Wired of an American woman at a "renowned academic institution" who received targeted malware from what was most likely a foreign government. "... analysis of [the downloader] showed that it was the same downloader that has been used in the past to install Remote Control System (RCS), a spy tool made by the Italian company Hacking Team and sold to governments." What's significant about this malware is that it is made by an Italian firm who claims they sell it only to government and law enforcement bodies, and it isn't of much use to your standard botnet operator. "The RCS tool, also known as DaVinci, records text and audio conversations from Skype, Yahoo Messenger, Google Talk and MSN Messenger, among other communication applications. It also steals Web browsing history and can turn on a computer’s microphone and webcam to record conversations in a room and take photos. The tool relies on an extensive infrastructure to operate and therefore is not easily copied and passed to non-government actors outside that infrastructure to use for their own personal spy purposes, according to a Hacking Team spokesman." There's no solid proof indicating who is responsible, but the malware email contained a link to a website in Turkey. "Turkey is a member of the North Atlantic Treaty Organization alliance. If authorities there were behind the hack attack, it would mean that a NATO ally had attempted to spy on a U.S. citizen on U.S. soil, presumably without the knowledge or approval of U.S. authorities, and for reasons that don't appear to be related to a criminal or counter-terrorism investigation."

14 of 85 comments (clear)

  1. Don't be so goddamn sanctimonious by Anonymous Coward · · Score: 5, Insightful

    The poor USA is getting spied on. The audacity! A country that's always on its best behavior and has NEVER spied on allies, ever! Besides, are you sure that this isn't rebound spying, where the US lets others spy on US citizens to get information that they wouldn't be allowed to acquire directly themselves?

  2. Re:Slavery... by SJHillman · · Score: 2

    It seems to work for Facebook. Let's just hope the US Government doesn't have an IPO, it could shatter the illusion of what it's actually worth.

  3. Davinci? Hack the Gibson! by Anonymous Coward · · Score: 5, Funny

    Hack the Planet!

  4. Re:Popular Idea by TWiTfan · · Score: 2

    It's sad that the people who created Stuxnet a few years back probably thought they were doing a noble thing. But the first thing I thought when I read about it was "How long before someone turns this back against us?"

    It's like the atomic bomb. Creating it was beneficial in the short term for the U.S. But, in the end, its main result was a nuclear arms race that came all-too-damn-close to causing a nuclear apocalypse (and may yet).

    --
    The cow says "Moo." The dog says "Woof." The Timothy says "Thanks, valued customer. We appreciate your input."
  5. "If ... would ... presumably ... don't appear to" by QuasiSteve · · Score: 4, Insightful

    There's no solid proof indicating who is responsible

    Thanks, all we really needed to know, I guess.

    but the malware email contained a link to a website in Turkey.

    Let me send you one with a link to a website in Mexico. Sorry, make that Sweden. Germany? Italy? Take your pick.

    "Turkey is a member of the North Atlantic Treaty Organization alliance. If

    And there the subject line finds its origin. I love a good tinfoilhat story, but this is not even that. This is pretty much wild guesses.

  6. Re:"If ... would ... presumably ... don't appear t by Technician · · Score: 2

    If you read the article, the researcher did not download or examine the payload. They used a honeypot to view the downloader, but not the payload. The payload could be anything, but the downloader was used by a known software vendor.

    Though investigators didn’t obtain the file that the downloader was supposed to install, analysis of it showed that it was the same downloader that has been used in the past to install Remote Control System (RCS), a spy tool made by the Italian company Hacking Team and sold to governments. A digital certificate used to sign the downloader has also been used in the past with Hacking Team’s tool.

    --
    The truth shall set you free!
  7. Editors, bang up job. by Taibhsear · · Score: 4, Funny

    Came here wondering how an American woman got sold to a foreign government. Great job as always, editors.

  8. The way things are going... by alexo · · Score: 3, Insightful

    > It is the job of any national government to protect itself from its citizens

    FTFY.

  9. Hmmm ... by gstoddart · · Score: 4, Interesting

    If authorities there were behind the hack attack, it would mean that a NATO ally had attempted to spy on a U.S. citizen on U.S. soil, presumably without the knowledge or approval of U.S. authorities, and for reasons that don't appear to be related to a criminal or counter-terrorism investigation.

    I'm pretty sure the US already does this -- possibly not for reasons other than criminal or counter-terrorism though.

    But, really, since we know with Carnivore and pretty much everything else the US spies on NATO allies as well.

    Unless we're meant to believe the US only does this on NATO allies with their express approval and oversight. Because, a t a minimum, we know the CIA has kidnapped people in Italy, a NATO member, without telling anybody.

    Does anybody really think countries don't actively spy on their allies if they feel the need?

    --
    Lost at C:>. Found at C.
  10. Re:"If ... would ... presumably ... don't appear t by AHuxley · · Score: 2

    Re: "these aren't actors capable of writing their own spyware" - Italy has had its SISMI military intelligence agency using the telco 'network' in very creative ways.
    http://en.wikipedia.org/wiki/SISMI-Telecom_scandal
    If that is the quality of the systems created/used/requested over time in the EU, the ability to enter one computer network seems not too hard?
    ie if you have a simple domestic surveillance program covering 1000's of people, whats one US network in 2013 with that skill/support set?
    You also had http://en.wikipedia.org/wiki/Greek_wiretapping_case_2004–2005
    ~ 100's Greek government and top-ranking civil servants ....
    Any state friendly with the NSA (the USA used Turkey eg Karamursel as the UK GCHQ used Cyprus) - generations going back to Adana flights, U2 from Turkey, generations of sigint collection. That help will not be forgotten by the USA when requesting access to top level US software/hardware telco vendors and cleared any export issues.
    As for "without the knowledge or approval of U.S. authorities" - the NSA would have understood this event, how much they felt/had to tell other "U.S. authorities" about ongoing foreign operations is ???
    The CIA had Operation CHAOS http://en.wikipedia.org/wiki/Operation_CHAOS to spy on people protesting the Vietnam War/Cuba/antiwar issues, perhaps groups in the US gov are just helping EU/friendly govs do the same with people of interest around the world as they protest?

    --
    Domestic spying is now "Benign Information Gathering"
  11. "without the approval of U.S. authorities" by lee+n.+field · · Score: 3, Interesting

    it would mean that a NATO ally had attempted to spy on a U.S. citizen on U.S. soil, presumably without the knowledge or approval of U.S. authorities

    Why in the world would anyone think this?

  12. America is not getting spied on by kruach+aum · · Score: 2

    A woman at an academic institution in the US is getting spied on. This is an important distinction sadly ignored by the attention grabbing headline; not everything every person does in a country should count as a direct proxy for that country. If it did, the act of spying would be a logical contradiction.

  13. William Gibson called it by idontgno · · Score: 2

    The street finds its own uses for things.

    -- William Gibson, "Burning Chrome"

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  14. Re:Spies Exist ?!?!! *clutches pearls* by OolimPhon · · Score: 4, Funny

    Is Turkey now the new China?

    I don't know. Why don't you try making me a pot of tea in a turkey and tell me how it tastes?