Disturbing news from Germany today, with reports of a sanctioned malware component from the German government.
The Chaos Computer Club has discovered a Trojan horse virus that is capable of spying on Skype internet calls, monitoring the online activity of infected computers, logging keystrokes, and updating its functionality via the net.
The tenuous link to travel is that, according to German lawyer Patrick Schladt, the malware was allegedly installed onto the computer as it passed through customs control at Munich Airport. Mr Schladt was defending his client against charges that fall under German law related to pharmaceuticals.
When the suspect and his legal team examined the digital evidence against them, they found evidence that suggested a Trojan had been present – and the hard disk was shared with the CCC with the permission of Schladt’s client.
The CCC were able to use forensic software to restore deleted files from the hard drive, uncovering the R2D2 Trojan horse.
Ouch.
This really goes back to data security 101 for everyone.
- Keep an eye on your computer when you travel
- Don’t let it out of your sight
- Sanitise your hard disk if you can before travel
- Keep only what you need on your computer
- Use strong encryption if possible (TrueCrypt is a favourite)
- Change your passwords regularly
- Run an up-to-date virus scanner and sweep the computer regularly (Already, F-Secure and Sophos have released updates, with other vendors to follow I hope)
- If you suspect your computer has been tampered with, stop using it and wipe the thing down, or install a new hard disk
Sophos has extended coverage in their Naked Security feed (here, and here), with F-Secure breaking the story.
Under German law, police are allowed to use spyware to snoop on suspected criminals – but only under strict guidelines.
People – let's be careful out there.
Schrott says
“…malware was allegedly installed onto the computer as it passed through customs control at Munich Airport”
A laptop is potentially out of sight for a very brief period while going through security checks; any customs checks are usually performed in the presence of the customer. So how do the Krauts install spyware? Unless the passenger was stupid enough to place the computer in his checked baggage. In which case, he deserves to be spied upon and worse…