Skip to main content

CCC criticises new version of government trojan

posted onOctober 27, 2011
by l33tdawg

The CCC (Chaos Computer Club) has analysedGerman language link the more recent version of Digitask's German government trojan that was discovered by Kaspersky. This version dates back to December 2010 and has not yet been associated with an actual case. The analysis focused on the improvements that were made to fix the previous version's weaknesses, and on the postulated "audit-proof logging" of all activities.

The CCC's "reversers" found that, while improvements were indeed made, these improvements are by no means sufficient to allow collection of evidence that is consistent with regulations.

According to the CCC, the 2010 model does encrypt data traffic in both directions, and it does include rudimentary authentication mechanisms, but it uses the same AES key as the version that is three years older. Furthermore, nothing appears to have changed about the embarrassing use of AES encryption's ECB mode. The CCC said that after briefly analysing a trojan, it is still possible to listen to, and even manipulate, all communications between the trojan and its C&C server.

Source

Tags

Germany Industry News Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th