Hacker group accuses German government of using illegal Trojan horse

Oct 11, 2011 by Bob Yirka report

(PhysOrg.com) -- Governments all over the world are wrestling with the legalities of computer snooping in their efforts to catch people doing illegal things, or to prove that wrongful acts have been committed after the fact. Now comes a blog posting by a well-known hacker group that calls itself the Chaos Computer Club (CCC), accusing the German government of overstepping its bounds by infecting suspected criminal’s computers with a Trojan horse program that allows it to do more than has been granted by law.

The program, which the group calls “Bundestrojaner” or State Trojan in German, is purportedly able to scrape a hard drive looking for data, grab screen shots, insert a program to run or turn on a computer’s microphone and video camera. German law allows law enforcement to use a Trojan program to monitor Skype type conversations, but nothing else. Thus, if the accusations by the CCC turn out to be true, someone in in Germany is going to be in a lot of hot water.

So far two separate antivirus companies (Sophos and F-Secure) have verified that the Trojan does exist and that it does what the CCC claims it does, but neither is willing to suggest that there is proof the is behind its development and/or use. For its part, representatives of the German government, at least at the federal level, have denied using any illegal software to catch criminals.

The posting by the CCC came about when the group was approached by a lawyer who had a client who believed he’d been hacked - screen shots of his computer were presented at trial. The lawyer handed over the computer to the CCC who examined it and found the Trojan. Thus, it appears that if the Trojan was commissioned and used by the government, it likely it was done at a more local level.

So far, three German states have admitted using a Trojan program to gather information from computers used by suspects, but all of them insist that they’ve only used the type allowed by law, i.e. to monitor Skype conversations, similar to old-fashioned telephone wire-tapping.

Also, a company called DigiTask was unveiled recently by Wikileaks, as a maker of such Trojan type software programs, and when queried admitted they had created a Trojan called Quellen-TKU, which they says only allows for Skype type activities on computers. A spokesman for the company says it is looking into whether it’s Trojan may have been modified into the Bundestrojaner by a third-party.

The German government is apparently looking into the whole matter and further announcements are likely to come as more information becomes available.

Explore further: Twitpic to stay alive with new owner

Related Stories

Wiretapping Skype calls: virus eavesdrops on VoIP

Sep 02, 2009

(AP) -- Some computer viruses have a crude but scary ability to spy on people by logging every keystroke they type. Now hackers and potentially law enforcement have another weapon: a virus that can eavesdrop on voice conversations ...

Energizer Duo battery charger hides a Trojan

Mar 09, 2010

(PhysOrg.com) -- The Energizer Duo USB battery charger has been hiding a backdoor Trojan in its software that affects computers using Windows. According to Symantec the Trojan has probably been there since ...

Sophos identifies a trojan for OS X

Feb 28, 2011

(PhysOrg.com) -- Macs have, for the most part, been considered to be more secure than their PC counterparts due to the lack of developments of viruses and other malicious codes that are created for them. Most ...

Digital frame virus traced to China

Feb 19, 2008

A powerful virus recently discovered in digital photo frames has been identified as a Chinese Trojan Horse that gathers personal information.

Trojan-horse developers confess

Mar 15, 2006

An Israeli couple, Ruth and Michael Haefrati, confessed in Tel Aviv District Court Tuesday to developing the Trojan-horse spyware program.

Recommended for you

Facebook dressed down over 'real names' policy

Sep 17, 2014

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

Sep 17, 2014

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

allanx896
5 / 5 (1) Oct 11, 2011
And that's why you should use Linux Mint or ubuntu Folks. tsk tsk.
jamesrm
not rated yet Oct 11, 2011
Been running PinguyOS (Ubuntu Gnome mint menu) since Unity was forced on us. Just wish Pinguy used/optioned Ciaro-dock and Xscreensaver, would save me some time.