Wednesday, October 19, 2011

Claims of German Governmental Backdoor ("Case R2D2")

From F-Secure's "News from the Lab", Oct. 8, 2011:

Chaos Computer Club from Germany has tonight announced that they have located a backdoor trojan used by the German Government.

The announcement was made public on ccc.de with a detailed 20-page analysis of the functionality of the malware. Download the report in PDF (in German).

The malware in question is a Windows backdoor consisting of a DLL and a kernel driver.

The backdoor includes a keylogger that targets certain applications. These applications include Firefox, Skype, MSN Messenger, ICQ and others.

The backdoor also contains code intended to take screenshots and record audio, including recording Skype calls.

In addition, the backdoor can be remotely updated. Servers that it connects to include 83.236.140.90 and 207.158.22.134.

We do not know who created this backdoor and what it was used for.

We have no reason to suspect CCC's findings, but we can't confirm that this trojan was written by the German government.
