backtop


Print 13 comment(s) - last by techyguy.. on Nov 4 at 9:31 PM


  (Source: AFP)
Attendees were reportedly given USB sticks with Trojan horse monitoring malware onboard

If you have a sneaking suspicion that someone is spying on you chances are it's the U.S. or Russia.  Recent leaks have revealed that the U.S. is not only engaging in massive spying on its own citizens (which some politicians feel is good news), but it's also been spying on foreign leaders.  Documents indicate that the U.S. and British intelligence communities collaborated on efforts to spy on world leaders at the G20 summit in 2009.

Russia seems to be operating off of a similar playbook.  Not too long ago leaks revealed it may be planning to spy on foreigners who visit the 2014 Winter Olympics.  And now a fresh leak offers fresh evidence that Russia, like the U.S., is operating as if George Orwell's 1984 is an instruction manual and like the Cold War never ended.

Various EU publications are reporting that the host of this year's G20 summit -- Russia -- may have made used malware-loaded accessories in complementary gift bags to foreign delegates as spying tools.  This year's G20 summit was held Sept. 5-6 at the historic Russian royal palace in Stelna, outside of St. Petersburg.  Russia seemed a very congenial host -- but now it's kindness is being called in question amid suspicion that its generous "gifts" were a gift that kept on giving -- giving data, that is.

Russian Royal PalaceThe summit was held at a former Russian royal palace outside of St. Petersburg.

The gift bags included USB sticks emblazoned with Russia's G20 logo and three-pronged phone chargers, of the format that's commonly used across most of Europe. According to sources the sticks contained malware.  And the phone chargers were equipped with an even more sophisticated combination of malicious hardware and malware -- similar to the "mactans" proof of concept that Georgia Institute of Technology security researchers showed at the annual Black Hat security conference in September.

Russia stick
One of the malware-containing thumb drives [Image Source: La Stampa]

According to two publications -- Turin, Italy-based La Stampa and Milan, Italy-based Il Corriere della Sera -- EU officials became suspicious of the devices, though it is unclear what triggered those suspicions.  Herman Van Rompuy, president of the European Council, gave an official voice to this line of inquiry and ordered an investigation.  The investigation has thus far been carried out by Germany's intelligence agencies, which have a fair deal of experience with espionage dating back to Germany's role as a key espionage stomping ground during the Cold War.

Russia G20

Russia G20
C'mon, don't you want to plug me in? [Image Source: La Stampa]

The newspapers quote a confidential memo from Mr. Van Rompuy to EU leaders, commenting:

[T]he USB sticks and the recharge cables are suitable for undercover detection of computer data and mobile phones.

Russia's federal government spokesperson Dmitri Peskov scoffed at these reports, commenting, "It is definitely nothing other than an attempt to switch attention from the problems that really exist, which dominate the agenda between the European capitals and Washington, to problems that are ephemeral and nonexistent."

The Kremlin (Russian federal government) denies trying to spy on its European neighbors.

Russia spy charger

Russia G20 Charger

Russia G20
Now that doesn't look suspicious at all -- the supposed Russian malicious charger. Image Source: La Stampa]

So far only the Italian newspapers have claimed first party sources confirming the allegations.  British newspapers have also been writing on the story, but cited the Italian leaks as their source.  A former spy official for Britain's MI6 suggested that if the claims are true Russia committed a "schoolboy error" that any major security service would detect.

In a comment to The Telegraph, the European Commission's spokesperson commented only, "We've not found any evidence of a problem."

That comment left it unclear whether the EC meant there was not attempt, or merely that the attempt was investigated and found to have been unsuccessful.  In a comment to The Telegraph Mr. Peskov reiterated his accusations, remarking:

These are really funny reports, actually. First of all they have no sources. It is a bold attempt to switch attention from very real problems existing between European capitals and Washington. It is a classic example of that.

Past social engineering experiments have shown that free USB sticks are a perfect way to deliver malware.  Amazingly, many employees at banks and various other data-sensitive companies were duped into plugging in malicious USB sticks that security researchers sprinkled in parking lots or other visible locations.  Steve Stasiukonis, a security veteran, is widely credited with popularizing this form of social engineering.

Sources: La Stampa [Italian; Google Translated], Il Corriere della Sera [Italian; Google Translated], Telegraph



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

The Chinese...
By deltaend on 11/1/2013 10:15:18 AM , Rating: 2
would have been much smarter than that.




RE: The Chinese...
By kleinma on 11/1/2013 11:04:35 AM , Rating: 3
You see, it actually was the chinese who put the malware on the russian USB key and charger....so you were both right and wrong ;)


RE: The Chinese...
By ammaross on 11/1/2013 11:43:49 AM , Rating: 2
Actually, I do believe the cube charger DOES say "Made in China" in the lower-right corner....


RE: The Chinese...
By Cypherdude1 on 11/4/2013 3:43:46 AM , Rating: 2
If the USB drive is plugged into a Windows system and the Windows system does not boot off it and the user does not run any executables off the drive, how exactly does the USB drive infect the system? Additionally, if you have competent anti-virus software running, won't it prevent any infection?


RE: The Chinese...
By tamalero on 11/4/2013 10:43:07 AM , Rating: 2
Windows as had flaws that didn't require you to do anything to get infected.
Also, didn't android devices had a flaw that they could infect any android device with malware by using infected chargers/usb connectors?

Also, remember most antivirus rely on definitions to find viruses.
If the russian virus had completely different code that did not match in the definitions.. it could have been just declared "a new app" by most virus scanners..


RE: The Chinese...
By techyguy on 11/4/2013 9:31:07 PM , Rating: 2
Dailytech reported that iPhone had the malware charger issue.

http://www.dailytech.com/Hackers+Install+Malware+o...


RE: The Chinese...
By superflex on 11/1/13, Rating: 0
RE: The Chinese...
By ClownPuncher on 11/1/2013 4:58:49 PM , Rating: 2
Woah. Someone stayed up too late last night.


RE: The Chinese...
By FaaR on 11/1/2013 8:44:25 PM , Rating: 1
Is that the correct euphemism going round dailytech these days for blatant, rampant racism? *rolleyes*


Article is Incorrect
By kondor999 on 11/4/2013 8:54:36 AM , Rating: 4
If you actually read the linked article re: the " Schoolboy Error " remark, you'll find the MI6 guy was not referring to the Russians , but rather the intended targets as being guilty of a "schoolboy error" if any of them actually inserted the thumb drives into a computer, or used the chargers.

It would be really nice if the "journalists" on this site could actually, well, read.




RE: Article is Incorrect
By theplaidfad on 11/4/2013 1:00:48 PM , Rating: 2
I suppose you haven't been paying attention to modern journalism. Snip and paste different parts of factual information as you see fit to make the story say what you want it to, spell check (still no grammar checking just yet), and post your "news".

Isn't the media grand?


By Captain Orgazmo on 11/1/2013 1:48:28 AM , Rating: 2
Perhaps when Comrade Vladdy Poutine ordered the KGB/FSB to "give those decadent capitalist scum a virus", he was thinking along the lines of spreading some ripe sputum on the items in the goodie-bags, or maybe insuring the high class Russian "sparrows" sharing the beds of the foreign diplomats were well infected... This is way too amateurish for the Shirtless Wrestler of Tigers.




By ClownPuncher on 11/1/2013 1:02:11 PM , Rating: 2
You're a weirdo, but I love you.


"If you look at the last five years, if you look at what major innovations have occurred in computing technology, every single one of them came from AMD. Not a single innovation came from Intel." -- AMD CEO Hector Ruiz in 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki