German police trojan can snoop on other programs


A “lawful” piece of malware recently discovered by a Germany-based hacker club, which could supposedly snoop on Skype calls, has been found to be capable of much more, a computer security firm said.

Trend Micro said it has also set its software to detect the malware as BKDR_R2D2.A or R2D2, a name based on strings in the malware's code.

Citing the results of its analysis, Trend Micro said the malware can:

  • Listen to chat conversations for applications such as Skype, Yahoo! Messenger, MSN Messenger and SipGate x-lite.
  • Record audio calls when using Skype.
  • Monitor web browsing activities in the browsers SeaMonkey, Navigator, Opera, Internet Explorer and Mozilla Firefox.
  • Take screenshots on the affected system.

Also, the backdoor receives commands from a remote site and is capable of installing component files, retrieving system information, downloading, uploading, and executing programs, and uninstalling itself.

It can also communicate with a remote IP address to receive commands from a remote user. This allows total control over the user’s system.

Government connection

While the malware code does not show any information about a connection to any government, Trend Micro cited reports saying that Bavarian Minister of Interior Affairs Joachim Herrmann (CSU) had already confirmed that the malware was created by the Bavarian police.

“Regardless of its creator, however, R2D2 still remains to be an information-stealing tool, and we find it of utmost importance that users are protected from having their privacy broken into,” it said.

“Especially with this release of information to the public, it is highly likely that we will find this tool in the hands of cybercriminals, to be used for more sinister intent,” it added. — TJD, GMA News

Article source: http://www.gmanews.tv/story/235150/technology/german-police-trojan-can-snoop-on-other-programs
