MegaPanzer: Parts of Possible Govware Trojan Released under GPL
The name Ruben Unteregger may well become more newsworthy in the next few days. Unteregger has been working at the Swiss ERA IT Solutions company to develop the trojans MegaPanzer and MiniPanzer and has released the code under GPL.
After working for ERA IT Solutions for seven years, Unteregger is only sporadically releasing parts of his trojan under GPLv3. His homepage currently has the downloadable source code for his Skype trojan that taps Skype conversations and dumps the audio data to MP3 files. Swiss authorities have allegedly been using the software since October 2006.
Originally designed for attacks on Windows XP, the MegaPanzer code is "simple and straightforward," according to Unteregger in his blog. The backdoor gets instructions from a specially prepared server (the "dropzone") and transfers the audio data. The Skype-Tap intercepts Skype function calls, dumps the audio data to files, converts them to MP3 and encrypts them. The code is currently missing a few pieces for security reasons, among them a plugin system for the backdoor and functions to circumvent firewalls. These Unteregger will publish later as separate tools and also put them under GPL. His bottom line is, "as always I am open for your opinions and criticism."
The Swiss developer lets on to some of his work at ERA IT Solutions in an interview on gulli.com. Whether this type of benevolent malware has some use for other govware is yet to be seen. Unteregger won't say for sure whether Linux or Mac versions are currently being considered.
great postThanks a lot for sharing the article on cash. That's a awesome article. I enjoyed the article a lot while reading. Thanks for sharing such a wonderful article.I want to say very thank you for this great informations. now i understand about it. Thank you !
New version of the sniffing plugin for Skype 4 availableI used the time over christmas to work on the Skype trojan source code. The code was a little messy, it compiled but at some places it crashed. The old source was optimised for Skype 3 and about for a year now Skype 4 is spreading more and more. Therefore I decided to clean up the code and adapt it that way it works toghether with the new Skype version.
It took its time, several bugs were fixed, some of the old features were removed as for example encryption and encoding.
The source is available here : http://www.megapanzer.com/w.../uploads/SkypeTap_20091226.zip
New release comes with better semantic search and improvements to Kontact.
Annual code quality report shows FOSS is more secure at all project size levels.
A new class of problems lets a malicious app pre-configure an invisible privilege update.
New Hack language adds static typing and other conveniences.
New crypto policy system will offer easier configuration and more uniform security.
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
Vulnerability affects many Linux web servers