Hackers reverse-engineer NSA-Spytools

Vor einem halben Jahr hatte der Spiegel den NSA Spy Gear Catalogue veröffentlicht, in dem zumindest Ausschnitte des Equipments aufgeführt waren. Problem: Keiner wusste, wie die Dinger funktionieren. Deshalb haben Wissenschaftler die Tools jetzt nachgebaut, die Funktion erarbeitet und veröffentlichen die nun in den kommenden Monaten auf NSA Playset, im August werden die Ergebnisse der Arbeit auf der Defcon präsentiert.

One reflector, which the NSA called Ragemaster, can be fixed to a computer's monitor cable to pick up on-screen images. Another, Surlyspawn, sits on the keyboard cable and harvests keystrokes. After a lot of trial and error, Ossmann found these bugs can be remarkably simple devices – little more than a tiny transistor and a 2-centimetre-long wire acting as an antenna. […]

Ossmann will present his work in August at the Defcon hacking conference in Las Vegas. Other teams will be there as well, unveiling ways to usurp NSA spy technology. Joshua Datko of Cryptotronix in Fort Collins, Colorado, will reveal a version of an NSA device he has developed that allows malware to be reinstalled even after being dealt with by antivirus software. It works by attaching its bug to an exposed portion of a computer's wiring system – called the I2C bus – on the back of the machine. "This means you can attack somebody's PC without even opening it up," says Ossmann.

Hackers reverse-engineer NSA's leaked bugging devices