Malware is also about evolution. ZeuS was just reported to have evolved for the ninth time. Stuxnet – or parts of its code – obviously just evolved into the DUQU ‘worm’. That aside – and giving you phrases to drop into the search box of your favorite engine – smaller evolutions, let us call them ‘developments’, are integrated in some malware. The ZeuS rootkit again is a prime example, where downloading additional components through an opened backdoor enables the rootkit to develop and become more powerful by adding functions. This could be, for example, a keylogging feature which is not integrated in the basic version. Modular malware does not sound that bad at all. It just needs a command-and-control component, the ability to evade anti-malware heuristics and the ability to install additional features. Subsequently, it can always be customized and thus might be able to avoid detection of features which it is not even using on the current computer. What’s this week’s topic then?
Germany. The ‘Bundestrojaner’ (Federal Trojan). The piece of ‘malware’ whose creation has been funded – and whose development for sure is still being funded – by Germany. It was used by law enforcement agencies against the evil of the world. Criminals, terrorists, civil society, businessmen and for sure against child pornography. Well, that was until two weeks ago. As reported in the article two weeks ago, a German tech-savvy NGO reverse engineered the malware and found out that it does not really coincide with the framework the German supreme court issued for the use and coding of the trojan. Apart from being a security risk, it contained the same function as mentioned above: downloading additional components and installing them on the target computer. Apart from forged evidence, these components can include – but are not limited to – keyloggers, video capturing and so on. Basically, everything could get installed afterwards. That includes a lot of things that are not permitted within the framework of the supreme court.
That is the background. The ministers of the interior, both of the federal state of Bavaria and his national counterpart, voiced their discomfort with the current media coverage of the Bundestrojaner in the past few days. According to them, the ‘C’ which stands for ‘Chaos’ in the name of the NGO which reverse engineered the Bundestrojaner (CCC – Chaos Computer Club) is the root of all evil. Because ‘chaos’ is part of their name, everything they do is chaos, and so is their information on the Bundestrojaner. Because they are chaos and the source of all evil, they are wrong. Oh, and the Pirate Party – which gained immense momentum within German politics in the past few months and which is also supporting the take down of the Bundestrojaner – are, as their name indicates, only people who want to have all movies and games ‘pirated’/illegal on the Internet. CCC is fighting for chaos and the pirates are fighting for illegal access to data. That one of those two stakeholders is the most tech-savvy civil society organization in the country – with a fairly good reputation – and the other is an official German party which would currently gain 10% of the seats in the German parliament (according to the latest polls) is not of any interest to the gentlemen. That code is code, and that everyone who knows some programming can prove for him- or herself that the CCC is right with what they found out so far, does not dawn on them either. Soon, they might be as strong as EFF and ACLU in the United States. You should choose your enemies wisely. Oh, and I am not even going down the road of the international #Anti-Sec movement.
According to those two gentlemen, the Bundestrojaner can only perform those actions that are permitted by the supreme court. Good thing: At least they do not deny, and therefore confirm, that the Bundestrojaner is a major security risk because of its flawed coding. Secondly, they are politicians. And the Bundestrojaner can only do one tiny-tiny bit more than allowed: downloading more features through a backdoor and installing them. Add the ability to completely erase itself and all traces, and this small feature is not a slight difference from the framework of the supreme court. It is completely defying the supreme court by intentionally creating something which fulfills the framework but can easily be changed into the complete opposite. Well, then again…who cares about checks and balances, frameworks issued by the highest judicial institution in the country or even civil liberties? Luxury goods we have to sacrifice in order to sustain peace and security in our beautiful country.
The good news is: research on unmanned flying vehicles with facial recognition software has been reported to make progress in Germany. Well, I guess that is the price we have to pay in order to fight terrorism, drugs, child abuse, insertgenericcatchwordhere.