
CASPER Surveillance Malware Linked to French Government


Reefa


Last month, cyber security researchers spotted a new strain of French surveillance malware, dubbed "Babar," which revealed that even the French Government and its spying agency, the General Directorate for External Security (DGSE), are dedicatedly involved in conducting surveillance operations, just like the United States' NSA and the United Kingdom's GCHQ.
A powerful piece of surveillance malware, known as "Casper," has recently been discovered by Canadian security researchers, once again pointing fingers at the French government.
CASPER SURVEILLANCE MALWARE LINKED TO FRANCE
The newly discovered sophisticated Casper surveillance malware is believed to have been developed by a France-based hacking group suspected of having ties with the French government, according to the report published by Motherboard.
The report suggests that the French hacking group has developed a 'Swiss Army knife of spying tools' which has been used by the French government to conduct multiple espionage campaigns over the last few years.
WHAT IS CASPER?
Casper is a 'recognition tool', designed to profile its targets and determine whether the victim is of interest for further surveillance or not. Casper surveillance malware was used as an initial program before deploying any advanced persistent malware onto the targeted computers for espionage purposes.
In April 2014, Casper surveillance malware was specifically hosted on the hacked website of the Syrian Government's Ministry of Justice to infect its targets by exploiting two Flash Player zero-day vulnerabilities that were not known publicly at that time.
The Syrian Ministry of Justice website was set up in 2011 by the government for citizens to send complaints to the Bashar al-Assad regime. Casper malware was hosted in a folder on the website, and users who accessed that folder were infected by the surveillance malware.
These kinds of zero-day exploits, in some way, open doors for hackers to collect information from the target computers and cost millions of dollars on the exploit market. It is believed that Casper surveillance malware was created by experts with significant financial resources, i.e. state-sponsored.
BABAR, CASPER — SAME MALWARE FAMILY — SAME FATHER
After analyzing code fragments of the Casper malware, researchers found numerous similarities between Casper surveillance malware and Babar.
Babar is an advanced malware developed in 2009, capable of eavesdropping on online conversations held via Skype, MSN and Yahoo messenger; it records and transfers keystrokes and clipboard data, and monitors which websites an infected user has visited.
Babar was used against Iranian nuclear research institutes and universities, and European financial institutions. It was previously mentioned in a slideshow leaked by NSA whistleblower Edward Snowden, where it was linked to the French Government by the Canadian intelligence agency.
Casper, on the other hand, is the mature version of Babar and is literally a ghost spy program. Once a computer is infected, Casper surveillance malware gathers all the "intelligence information" about the target computer and sends it back to the control center without ever revealing its presence.

If a victim was found interesting and worthy of further hacking, Casper surveillance malware enabled the hackers to deploy additional malware, such as Babar, through a built-in platform for plugins.

Flash and Java the ultimate problem couple!



and we needed this confirmation to prove ALL governments engage in NSA type activity...even the good boys from Putin's secret back room do this stuff... wake up and smell the coffee and don't be thinking ONLY the USA does this and is the only bad boy crapping in the sand box we all play in



and we needed this confirmation to prove ALL governments engage in NSA type activity...even the good boys from Putin's secret back room do this stuff... wake up and smell the coffee and don't be thinking ONLY the USA does this and is the only bad boy crapping in the sand box we all play in

:rolleyes: Can confirm; We do it as well. They call it Ghosting the Code (our spies :rant: ), or FINSPY or aka SPYFIN. ;)

“The best programmers are up to 28 times better than the worst programmers” :P


Archived

This topic is now archived and is closed to further replies.
