Top NSA hacks of our computers

Summary: The latest leaked documents from the NSA reveal a long collection, from 2007-2008, of software and hardware used to spy on computers and networks and to capture audio and video.


  • GOPHERSET+MONKEYCALENDAR: Your SIM card is phoning home to Fort Meade

    For most people a SIM card in a phone is just a key that opens the door to their carrier's network, but there's more to them. A SIM card also holds the user's phone number, address book, text messages, and other data.

    GOPHERSET is a software hack of the SIM card itself. It "exfiltrates" the user's personal data using SMS. Yes, code on the SIM card can issue commands to and make requests of the phone. It can be deployed either through a USB connection or over the air and may or may not require keys from the carrier. So maybe the carrier, or just a carrier employee, has to cooperate; maybe not.

    MONKEYCALENDAR is similar, but it captures and reports the phone's geolocation data.

    Interesting question: Surely the text messages are being sent from the user's carrier account, and if there are charges he'll see them on his bill. Perhaps there's more to it.

    The documents are dated 10/1/2008.


  • PICASSO: The cellular sniffer in the room

    PICASSO is cool. It's a modified handset that "collects user data, location information and room audio." It can be commanded remotely through SMS from a laptop and another phone.

    In fact, it does a lot more than just collect data from the room. The description says "Block call to deny target service," which I guess means it can interfere with other phones in the room. It can also have a "panic button" sequence which alerts the operator and sends him location data.

    The document is dated 6/20/2008.


  • TOTECHASER+TOTEGHOSTLY: Getting inside Windows Mobile

    TOTECHASER and TOTEGHOSTLY are software hacks aimed at Windows Mobile devices. Windows Mobile never had a lot of traction in consumer markets, but there were narrow markets where it did quite well, including ruggedized phones and, as is the case with TOTECHASER, satellite phones.

    TOTECHASER is an implant for the Windows CE kernel inside Windows Mobile, specifically targeting the Thuraya SG-2520 dual-mode GSM/SAT handset (discontinued). Either this model was very popular or the NSA had someone specific in mind.

    The TOTECHASER writeup makes it clear that it's not fully baked (the documents are dated 10/1/2008). It sounds like it probably needs to be installed before the customer gets it and they haven't figured that part out.

    TOTEGHOSTLY is a higher-level remote control framework for compromised (perhaps by TOTECHASER) Windows Mobile devices.

Talkback

8 comments
  • I'd hardly call them hacks.

    They paid the companies to put in back doors, no hacking skills necessary.
    Jacob VanWagoner
    • Not necessarily

      Even the devices (like COTTONMOUTH-III - http://www.zdnet.com/top-nsa-hacks-of-our-computers_p16-7000024787/#photo) which are soldered to the motherboard could be done without vendor cooperation or knowledge. We know from other documents that they can have shipments diverted to them, contents modified and then forwarded on to the destination. Many of the tools could be applied by IT at the company.
      I'm inclined to believe that very few vendors, as a company decision, would knowingly install any of these tools. It's probably easier for everyone if the NSA bribes or otherwise induces an employee to do it for them, either an employee at the manufacturer, or at a distributor or in company IT.
      larry@...
  • This is why we build our own.

    For military and government contractors, all parts must be made (and assembled) in the USA. Quite simply so China doesn't do this to us.
    gwrankin
    • That can't be true

      There are too many parts not made in the US for that to be true. I didn't think anyone even makes DRAM in the US for a long time, and I bet nobody makes displays.
      larry@...
  • If you want something really malicious and dangerous.....

    wait for the volunteers who willingly give their information up and expect you to do the same.
    trm1945
  • Is there any way to catch such add-ons?

    Without knowing every chip that is supposed to be on a board and thus seeing something that doesn't belong there, how is anyone able to discover such devices or to protect against backdoors in any of the software we purchase?

    I assume there's a backdoor in every Comcast modem/DVR, every email software program, etc. Not that we can do anything about it. . .or can we?
    krettig
  • More incentive to use only companies with no US affiliation

    China is already developing a national Linux version and a national microprocessor. These NSA programs just encourage them to do it more rapidly. And good luck finding a bunch of US-based engineers and computer scientists who know technical Chinese well enough to hack hardware and software written from the ground up in Chinese and can qualify for the necessary US security clearances.
    Rick_R
  • can you help me?

    I'm an American in Beijing and I am being hacked by the same NSA gimmick shown in your article. In the second image in the series of slides at the bottom you see a screen that says: internet self service system with an authorization code window
    THIS IS THE EXACT SCENARIO I EXPERIENCED WHEN CHECKING BACK INTO XIJIAO HOTEL ON THURSDAY
    TOOK THE HOTEL TECHNICIAN ONE HOUR TO GET CONNECTIVITY FOR ME
    I'm looking now at your article and I DON'T SEE IT!!!!
    I'm not a crazy paranoid weirdo.
    What is a person supposed to do? Please help me!
    Cheryl Petty