Targeted attacks and zero day malware have always been rubbing shoulders, and it's not just a fad despite that everyone's remembering the wide-scale malware outbreaks attacking everything and everyone from the last couple of years. But the days of segmenting targeted attacks per country, city, WiFi/Bluetooth spot coverage are only emerging.
The idea of profitably serving a demand for a service however, is promting detective agencies to adapt to today's standards for surveillance and snooping in the form of using malware to obtain the necessary information. And despite that commercially obtainable surveillance tools are cheaply available to everyone interested and taking the risk of using them, customers obviously prefer to leave it to the "pros". Here's a story of an "adaptive" detective agency using targeted emails with malware to spy :
"The jury of five woman and seven men heard how the agency used "Trojan" computer viruses, which were hidden inside emails and attacked computers when opened, allegedly created by American-based IT specialist Marc Caron. Hi-tech devices used to bug phones were installed by interception specialist Michael Hall, the court was told. Prosecutors said a number of them were fitted to BT's telegraph polls and inside junction boxes, but BT eventually hid a camera in one of the boxes and caught him at work."
Here're more details on the targeted attack :
"Mrs Mellon opened it because it "purported to show what her husband was up to", said Ms Moore. It is alleged the agency hacked into emails to snoop on Tamara Mellon. The Trojan then recorded "every keystroke that was made", she said, including such things as bank account numbers and passwords. "They didn't take any money. They didn't steal anything, but from time to time they had a little snoop on behalf of their clients," Ms Moore said."
I imagine a questionnaire from such a detective agency in the form of the following :
- The victim's IT literacy from 0 to 5?
- Are they aware of the concept of anti virus and a firewall?
- List us all their contact points in the form of IM and email accounts
- Are they mobile workers taking advantage of near-office WiFi spots?
You get the point. Hopefully, such services wouldn't turn into a commodity, or even if they do, I'm sure they'll somehow figure out a way to legally forward the responsibility to the party that initiated the request.
Related posts:
HP Spying on Board of Directors' Phone Records
HP's Surveillance Methods
Mark Hurd on HP's Surveillance and Disinformation
Independent Contractor. Bitcoin: 15Zvie1j8CjSR52doVSZSjctCDSx3pDjKZ Email: dancho.danchev@hush.com OMEMO: ddanchev@conversations.im | OTR: danchodanchev@xmpp.jp | TOX ID: 2E6FCA35A18AA76B2CCE33B55404A796F077CADA56F38922A1988AA381AE617A15D3D3E3E6F1
Thursday, April 26, 2007
Outsourcing The Spying on Your Wife
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment