[CryptoParty] Identitaetsdiebstahl und Manipulation
an.to_n-73 at riseup.net
an.to_n-73 at riseup.net
Sa Jul 19 16:55:38 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Servues!
Am Mo hat G. Greenwald einen Einblick in das Instrumentarium der JTRIG
(Joint Threat Research Intelligence Group) des GCHQ gegeben (1), deren
Crackergruppe. Was die drauf haben, ist technisch schon beeindruckend.
An die Namen wie 'concrete donkey' = Betonesel muss man sich erstmal
gewoehnen, vielleicht machen die Teatime mit Drogen oder so ....
Mein Favorit ist uebrigens GODFATHER - Public data collection from
Facebook.
Den kompletten GCHQ Wiki Eintrag kann man sich hier (2) laden. Ich
habe einen Auszug nach Themen sortiert, weiter unten. Besonders
spannend finde ich die Bloecke Identitaetsdiebstahl und Manipulation.
GCHQs Stellungsnahme zu den Programmen ist wie ueblich "it acts 'in
accordance with a strict legal and policy framework' and is subject to
'rigorous oversight.'". Da habe ich leichte Zweifel ...
Viele Gruesse
Anton
- -----
## Identity Theft
BURLESQUE is the capability to send spoofed SMS text messages
CHANGELING Ability to spoof any email address and send email under
that identity
SCRAPHEAP CHALLENGE Perfeet spoofing of emails from Blackberry targets.
## Insertion of files
SPACE ROCKET is a programme covering insertion of media into target
networks. CRINKLE CUT is a tool developed by ICTR-CISA to enable JTRIG
track images as part of SPACE ROCKET
## Manipulation
BADGER mass delivery of email messaging to support an Information
Operations campaign
BIRDSONG Automated posting of Twitter updates
BOMB BAY is the capability to increase website hits
CANNONBALL is the capability to send repeated text messages to a
single target
CLEAN SWEEP Masquerade Facebook Wall Posts for individuals or entire
countries
CONCRETE DONKEY is the capability to scatter an audio message to a
large number of telephones or repeatedly bomb a target number with the
same message.
GLASSBACK Technique of getting a targets IP address by pretending to
be a spammer and ringing them. Target does not need to answer.
IMPERIAL BARGE For connecting two target phone tagether in a call.
PITBULL Capability under development enabling I arge scale delivery of
a tailored message to users of Instant Messaging services
SERPENTS TONGUE for fax message broadcasting to multiple numbers.
SKYSCRAPER Production and dissemination of multimedia via the web in
the course of information operations.
UNDERPASS Change outcome of online polls (previously known as NUBILO)
WARPATH Mass delivery of SMS messages to support an Information
Operations campaign
## Surveillance
ANCESTRY Tool for discovering the creation date of yahoo selectors
BIRDSTRIKE Twitter monitoring and profile collection
BUGSY Google+ collection (circles profiles etc.)
DANCING BEAR obtains the locations of Wifi access points
DEER STALKER Ability to aid geolocation of Sat Phones I GSM Phones via
a silent calling to the phone
DRAGON'S SNOUT Paltalk group chat collection
EXCALIBUR acquires a Paltalk UID and/or email address from a Screen Name
FATYAK Public data collection from Linkedln
FUSEWIRE Provides 24/7 monitoring of Vbulliten forums for target
postings/online activity. Also allows staggered postings to be made.
GODFATHER Public data collection from Facebook
GOODFELLA Generic framework for public data collection from Online
Social Networks.
HACIENDA Is a port scanning tool designed to scan an entire country or
city
MINIATURE HERO Active skype capability. Provision of real time call
records (SkypeOut and SkypetoSkype) and bidirectional instant
messaging. Also contact lists.
MUSTANG provides covert access to the locations of GSM cell towers.
PHOTON TORPEDO A technique to actively grab the IP address of an MSN
messenger user
SODAWATER A tool for regularly downloading gmail messages and
forwarding them onto
CERBERUS mailboxes
SPRING BISHOP Find private photographs of targets on Facebook
TANNER A technical programme allowing operators to log on to a JTRIG
website to grab IP addresses of Internet Cafe's.
## Cracking
GURKHAS SWORD Beaconed Microsoft Office Documents to elicite a targets
IP address
MOLTEN MAGMA CGI HTIP Proxy with ability to log all traffit and
perform HTTPS Man in the Middle.
TORNADO ALLEY is a delivery method (Excel spreadsheet) that can
silently extract and run an executable on a target' machine
TRACER FIRE An Office Document that grabs the targets Machine info
files logs etc and posts it back to GCHQ
## Sabotage
ANGRY PIRATE is a tool that will permanently disable a target's
account on their computer.
BUMPERCAR+ is an automated system developed by JTRIG CITD to support
JTRIG BUMPERCAR operations. BUMPERCAR operations are used to disrupt
and deny lnternet based terror Videos or other material. The technique
employs the services provided by upload providers to report offensive
materials
PREDATORS FACE Targeted Denial Of Service against Web Servers
ROLLING THUNDER Distributed denial of service using P2P. Built by ICTR
deployed by JTRIG.
SCARLET EMPEROR Targeted denial of service against targets phones via
call bombing.
SILENT MOVIE Targeted denial of service against SSH services.
SILVERLORD Disruption of videobased websites hosting extremist content
through concerted target discovery and content removal
STEALTH MOOSE is a tool that will Disrupt target's Windows machine.
Logs of how long and when the effectis active
SUNBLOCK Ability to deny functionality to send/receive email or view
material online.
SWAMP DONKEY Is a tool that will silently locate all predefined types
of file and encrypt them on a targets machine
- -----
1)
https://firstlook.org/theintercept/2014/07/14/manipulating-online-polls-ways-british-spies-seek-control-internet
2) http://s3.documentcloud.org/documents/1217406/jtrigall.pdf
- --
an.to_n-73 at riseup dot net , PGP:
0B4C DF2C CB22 5DF4 25EA F212 49D1 ABF2 A2A9 7D7D
Bitmessage: BM-2cTY8fuXGGXmh3fVgfQMaRCqTpgqp479ux
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJTyobnAAoJEEnRq/KiqX19amwQAJJMnJAljZ+jc2KC8s9E9v1V
2tY4UHDkZF9tFj+6UgdsD5xLwYQP4dVs9Je43afRkuh5V0NK+uAKUUmmY5U0NrOH
zIhRvu11+2G9GrhkjcP9GnnYaXH4FquZQwBrCmHXdkwB1EyCXVOZonIfOP8tdUt1
eeNClAx+k1yCE7N+YQsAhgVpYyo8/YpV4aS9s5miQlNsTDZQF98/C6PSP41M8glQ
2wh5njiQGGxrvMWNP98CsXcrB8HKCZfEY2UGjSCq+4UtXiF8NJ6ZpIxQQFJKfWsx
YnSVJX417zCtymFPWl6O4RsCT4EpvkFmO9CQcas7UyZaFX56MfDTObWYv9xXcHH6
jmZfdhkUFMx3md3hwk7AIen/0FO5Cb+zgdH7xjaVDR/Vrza3JsHsVgi8FLS7ivsU
7dYjAEqKlm+W3m4Py1U7oo+vaBUY04sF4UvYfUR+lK8FWqxCm9r/flJXm8KmP8dT
Uyr4ttl94phBob8BM9kmOFY90wYYZ1QVRE16CN8ztfPDas/euvhMogMmpwbzRG55
CCNwHk6l2i7q3OR9XLFuKD+RilmvVeV6hbZZeUilCjpstNEINBO0FDkhD39biSit
64uXkSWL/kAeWtzW6dFZm2t43dTHTIFAtbPeMCP6IFcKK7aZl72JcFG79K8eTwn1
JpXd6hIyl7a8nbxAqZtK
=Glsn
-----END PGP SIGNATURE-----
Mehr Informationen über die Mailingliste CryptoParty