Government malware

Ask yourself this, if the government is able to demand the Anti-malware companies to ‘whitelist’ the government malware. How secure are you against government malware?! There are various examples which show how government malware was used to infect unaware people.

Bundestrojaner

The “Bundestrojaner” or State Trojan in German, is purportedly able to scrape a hard drive looking for data, grab screen shots, insert a program to run or turn on a computer’s microphone and video camera.

German law allows law enforcement to use a Trojan program to monitor Skype type conversations, but nothing else.

So far two separate antivirus companies (Sophos and F-Secure) have verified that the Trojan does exist and that it does what the CCC claims it does, but neither is willing to suggest that there is proof the  is behind its development and/or use.

The Bundestrojaner was discovered by the Computer Chaos Club in Germany.

Known crafted government malware

The governments all around the world want to use malware as this allows them to spy on people, this method provides them a lot of information and additional resources.

The biggest reason why the government would want to use government malware is because of the fact that it can be crafted very fast and it can be cost friendly, if managed right.

Do you know these government trojans:

  • Stuxnet
  • Duqu
  • Flame
  • R2D2
  • FinFisher
  • Bundestrojaner

Various insights on government malware

Recently security experts at Kaspersky lab identified a new malware family used in a large-scale cyber espionage campaign dubbed the Mask, probably the most sophisticated APT operation seen to date that hit entities in 31 different countries. The agents behind The Mask are Spanish-speaking and exploited at least a zero-day in their campaign, distributing the Mask malware on every OS including Mac OS X, Linux, and perhaps even iOS and Android.

Many experts argue that the anti-virus companies, in some cases, have not prevented the spread of malware because they agreed with the governments.

Vodafone used by the Government to spy on people

Vodafone has revealed the extent of government snooping on its networks around the world, in a long report that appears to confirm the worst fears of privacy campaigners. The firm reveals that authorities in 29 countries have approached it for information on users, and while some are fairly open about their demands, others do not permit the company to reveal anything. However, more worryingly for those who value privacy, the report shows that in six countries Vodafone is obliged to allow governments to listen-in to communications at will, without obtaining a warrant first. Vodafone said it complies with these requests because it has to abide by the laws of the countries in which it operates.

How Antivirus Companies Handle State-Sponsored Malware

Security researcher Bruce Schneier joined a specific security group to ask, if the antivirus companies were ignoring malware at the behest of a government.

Understanding that the companies could certainly lie, this is the response so far: no one has admitted to doing so.

The response from the antivirus companies:

Up until this moment, only a handful of the vendors have replied ESET, F-Secure, Norman Shark, Kaspersky, Panda and Trend Micro. All of the responding companies have confirmed the detection of state sponsored malware, e.g. R2D2 and FinFisher. Furthermore, they claim they have never received a request to not detect malware. And if they were asked by any government to do so in the future, they said they would not comply. All the aforementioned companies believe there is no such thing as harmless malware.

Government malware test

Now would it not be nice if a independend security researcher would startup a ‘anti-government malware test’ website which would allow people to scan their computer/browser for known malicious government codes? This can be done, as the FBI and the F-Secure security company published a malware scanner function: