Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security The Internet Government United States

American Targeted By Digital Spy Tool Sold To Foreign Governments 85

An anonymous reader points out a report in Wired of an American woman at a "renowned academic institution" who received targeted malware from what was most likely a foreign government. "... analysis of [the downloader] showed that it was the same downloader that has been used in the past to install Remote Control System (RCS), a spy tool made by the Italian company Hacking Team and sold to governments." What's significant about this malware is that it is made by an Italian firm who claims they sell it only to government and law enforcement bodies, and it isn't of much use to your standard botnet operator. "The RCS tool, also known as DaVinci, records text and audio conversations from Skype, Yahoo Messenger, Google Talk and MSN Messenger, among other communication applications. It also steals Web browsing history and can turn on a computer’s microphone and webcam to record conversations in a room and take photos. The tool relies on an extensive infrastructure to operate and therefore is not easily copied and passed to non-government actors outside that infrastructure to use for their own personal spy purposes, according to a Hacking Team spokesman." There's no solid proof indicating who is responsible, but the malware email contained a link to a website in Turkey. "Turkey is a member of the North Atlantic Treaty Organization alliance. If authorities there were behind the hack attack, it would mean that a NATO ally had attempted to spy on a U.S. citizen on U.S. soil, presumably without the knowledge or approval of U.S. authorities, and for reasons that don't appear to be related to a criminal or counter-terrorism investigation."
This discussion has been archived. No new comments can be posted.

American Targeted By Digital Spy Tool Sold To Foreign Governments

Comments Filter:
  • by Anonymous Coward on Wednesday June 05, 2013 @07:25AM (#43913323)

    The poor USA is getting spied on. The audacity! A country that's always on its best behavior and has NEVER spied on allies, ever! Besides, are you sure that this isn't rebound spying, where the US lets others spy on US citizens to get information that they wouldn't be allowed to acquire directly themselves?

    • rebound spying, where the US lets others spy on US citizens to get information that they wouldn't be allowed to acquire directly themselves?

      This was my first thought when I read it.

    • I assure you that the people being spied upon are not the people who were spying on citizens of other countries. So I don't see the hypocrisy.
    • by gmuslera ( 3436 )
      Feeling in their own skin what they are doing to others (via their "representatives") is a good first step. That antivirus could not [slashdot.org] detect that kind of things because government orders adds a bit of spice. But anyway, they won't know how widespread this will become, whoever [washingtonpost.com] could warn them will be considered an enemy of the state, and prosecuted no matter where in the world they are.
  • Slavery... (Score:2, Insightful)

    by Rockoon ( 1252108 )
    If we sell all the Americans targeted by spy tools to other governments then that might close the budget gap!
    • It seems to work for Facebook. Let's just hope the US Government doesn't have an IPO, it could shatter the illusion of what it's actually worth.

  • by Anonymous Coward on Wednesday June 05, 2013 @07:44AM (#43913459)

    Hack the Planet!

  • by QuasiSteve ( 2042606 ) on Wednesday June 05, 2013 @07:53AM (#43913527)

    There's no solid proof indicating who is responsible

    Thanks, all we really needed to know, I guess.

    but the malware email contained a link to a website in Turkey.

    Let me send you one with a link to a website in Mexico. Sorry, make that Sweden. Germany? Italy? Take your pick.

    "Turkey is a member of the North Atlantic Treaty Organization alliance. If

    And there the subject line finds its origin. I love a good tinfoilhat story, but this is not even that. This is pretty much wild guesses.

    • by pellik ( 193063 )
      I'm inclined to believe that Turkey may be responsible here. Remember, these aren't actors capable of writing their own spyware. They simply bought a package from someone else and, presumably, put in their email address where it called for an email address in configuration. Hanlon's razor.
      • by AHuxley ( 892839 )
        Re: "these aren't actors capable of writing their own spyware" - Italy has had its SISMI military intelligence agency using the telco 'network' in very creative ways.
        http://en.wikipedia.org/wiki/SISMI-Telecom_scandal [wikipedia.org]
        If that is the quality of the systems created/used/requested over time in the EU, the ability to enter one computer network seems not too hard?
        ie if you have a simple domestic surveillance program covering 1000's of people, whats one US network in 2013 with that skill/support set?
        You also
    • If you read the article, the researcher did not download or examine the payload. They used a honeypot to view the downloader, but not the payload. The payload could be anything, but the downloader was used by a known software vendor.

      Though investigators didn’t obtain the file that the downloader was supposed to install, analysis of it showed that it was the same downloader that has been used in the past to install Remote Control System (RCS), a spy tool made by the Italian company Hacking Team and

  • Whoa! Stop the presses!!! You mean to tell me that countries that are nominally allies sometimes carry out covert intelligence operations against each other?

    If this comes as a shock to anybody, anywhere, you need to crawl out from under the proverbial rock. It happens all. the. time.

    And "a link to a website in Turkey" is hardly proof of anything. At all. And if it came from a GMail account, would there be dark aspersions that Google was behind it all?

  • Though investigators didn’t obtain the file that the downloader was supposed to install, analysis of it showed that it was the same downloader that has been used in the past to install Remote Control System (RCS), a spy tool made by the Italian company Hacking Team and sold to governments. A digital certificate used to sign the downloader has also been used in the past with Hacking Team’s tool.

    So because a difference piece of software has been used in conjunction with RCS in the past, this use o

  • by Taibhsear ( 1286214 ) on Wednesday June 05, 2013 @08:16AM (#43913733)

    Came here wondering how an American woman got sold to a foreign government. Great job as always, editors.

    • Same here, took me ages before i understood what the title was supposed to mean.

    • by T.E.D. ( 34228 )

      In their defense, if the editors didn't make the headlines confusing, most ./ readers wouldn't RTFSummary either.

      It must be a real burden to edit a text-oriented website for people who hate to read.

  • Hmmm ... (Score:5, Interesting)

    by gstoddart ( 321705 ) on Wednesday June 05, 2013 @08:27AM (#43913833) Homepage

    If authorities there were behind the hack attack, it would mean that a NATO ally had attempted to spy on a U.S. citizen on U.S. soil, presumably without the knowledge or approval of U.S. authorities, and for reasons that don't appear to be related to a criminal or counter-terrorism investigation.

    I'm pretty sure the US already does this -- possibly not for reasons other than criminal or counter-terrorism though.

    But, really, since we know with Carnivore and pretty much everything else the US spies on NATO allies as well.

    Unless we're meant to believe the US only does this on NATO allies with their express approval and oversight. Because, a t a minimum, we know the CIA has kidnapped people in Italy, a NATO member, without telling anybody.

    Does anybody really think countries don't actively spy on their allies if they feel the need?

  • The headline parsed as "(American Targeted By Digital Spy Tool) Sold To (Foreign Governments)."

  • by lee n. field ( 750817 ) on Wednesday June 05, 2013 @08:58AM (#43914125)

    it would mean that a NATO ally had attempted to spy on a U.S. citizen on U.S. soil, presumably without the knowledge or approval of U.S. authorities

    Why in the world would anyone think this?

  • A woman at an academic institution in the US is getting spied on. This is an important distinction sadly ignored by the attention grabbing headline; not everything every person does in a country should count as a direct proxy for that country. If it did, the act of spying would be a logical contradiction.
  • Americans should not be sold to foreign govt, irrespective of whether these Americans are targeted by Digital Spy Tools or not. It's like throwing the baby out with the bathwater or something.

  • by idontgno ( 624372 ) on Wednesday June 05, 2013 @10:55AM (#43915253) Journal

    The street finds its own uses for things.

    -- William Gibson, "Burning Chrome" [wikipedia.org]

  • ...because hackers have better tools they get for free from the Interwebs. Of course, if it does turn out to be hackers, this Italian firm could always stick a EULA on it and have the BSA enforce. Hackers aren't afraid of the government, but BSA lawyers scare everyone.

  • How hard would it have been to reword the title to the equally concise, yet unambiguous, "Digital Spy Tool Sold To Foreign Governments Used to Target American"?
    • ((Digital Spy) Tool) Sold To (Foreign Governments Used to (Target American))? Foreign governments accustomed to a Target American were sold a digital spy named Tool?

        • Just pointing out (pedantically) that your "unambiguous" version of the sentence is not perfectly unambiguous: there are multiple different grammatically correct ways to interpret the phrase.

          For example, "used to" might be taken in the sense of "a spoon is used to eat soup," or as in "he is used to being correct"; in the latter case, "Target" might be an adjective modifying "American," rather than the verb form "to Target". It might be the "Foreign Governments" that are "used to target American," rather tha

  • ... Is how much was the american that was first spied upon sold for and to what foreign government? Is the spied americans a market worth getting into?
  • Damn, reading the title of the submission I thought for sure I'd be reading another lurid tale of John McAfee being singled out for persecution by TPTB. What a disappointment!

Ummm, well, OK. The network's the network, the computer's the computer. Sorry for the confusion. -- Sun Microsystems

Working...