It would seem that the NSA is not the only government agency to use malware for the purpose of monitoring: France would also employed. Two detailed reports, RASCAGNERES Paul, the German security firm GData and Marion Marschalek , researcher independent dissect the role of “Babar”. This malware is capable of listening to online conversations on Skype, Yahoo Messenger and MSN, but also to know which sites a user has visited infected.
The existence of Babar was revealed in 2009 when a document leaked by Edward Snowden described an intelligence operation called “Snowglobe”. In these memos published by “Le Monde” , Canada’s Communications Security Establishment (CSEC) then stated that Snowglobe was particularly Iran’s nuclear program, but also Europeans and was led “by a French intelligence agency”
A big brother. EvilBunny
The researchers said they had obtained a series of samples of the same “family” Babar and having analyzed. “The purpose of this malware is espionage and especially instant messaging,” says the “Figaro” RASCAGNERES Paul, author of one of the reports. This is “to recover what is typed on the keyboard [what is called a keylogger]” but Babar is also “capable of listening to the microphone and speaker of the computer,” adds t -it.
The reports also helped to make the connection with “EvilBunny” another spy program. The two have much in common, as distinctive signs in their computer code, such as the term “ko” for “kilobyte” instead of “kb” for “kilobyte” in force in many countries. It appears qu’EvilBunny is the first version, rudimentary of Babar, then modified and greatly improved.
France suspect number one
Marion Marschaleck Motherboard explains the site Babar is “not very sophisticated” but “very good software above the level of the type of products that the analyst sees passing every day.” It would make “targeted surveillance”. “I honestly think it was done by a team with limited resources,” said Paul meanwhile RASCAGNERES in “Figaro”. The software is not very discreet either, “he does not hide beyond measure,” adds the researcher.
Canadian intelligence services have suspected the France and the General Directorate for External Security (DGSE). The analysis did not allow researchers to uncover new evidence implicating France, but both reports confirm the details of the document of CSEC.
A Motherboard, Marschalek says: “I am sure it was France, but the public is almost impossible to prove.” “There are indicators which we can draw conclusions, but, like a fingerprint for example, can be rigged.”
No comments:
Post a Comment