Germany: Gov't software can spy on citizens

A well-regarded Germany-based hacker group claims a German government-created Trojan horse program is capable of secretly spying on Web users without their consent. The group says on its website that it obtained and analyzed a piece of software that is supposed to be a "lawful interception" program designed to listen in on Internet-based phone calls as part of a legal wiretap, but its capabilities go far beyond legal bounds.

The program is capable of logging keystrokes, activating Webcams, monitoring Web users' activities and sending mountains of data to government officials, the club said. To cover its tracks, the data is routed through rented servers located in the United States, the club alleges.

"To avoid revealing the location of the command and control server, all data is redirected through a rented dedicated server in a data center in the USA," the Club said on its website.

The German government has yet to comment on the findings, but already, antivirus companies are reacting to them. Security firm F-Secure will detect and disable the alleged government monitoring software if found on clients' computers, it announced on Saturday.

"Yes, it is possible the Trojan found by CCC is written by the German government. We just can't confirm that,” said Mikko Hypponen, F-Secure’s chief technology officer, via Twitter.

The program, labeled a "backdoor" because it can open a computer to surreptitious access, targets certain applications for keylogging, including Firefox, Skype, MSN Messenger, ICQ and others, according to F-Secure.

Read more...