In the last couple of days, we’ve seen two articles detailing malware supposedly released by the FBI or another US federal bureau that was designed to snoop on citizens. In one case it targeted their Android phones; in the other, it was designed to reveal the identity of those who are attempting to hide it while using the Tor anonymity browser.
In the former report, from The Register (a UK tech blog), former agents or officers from the FBI were supposedly the source of the Wall Street Journal’s article.
The method was a spear-phishing infection attack, which still relied on the un-savvy user clicking a link or installing a program. The Register also reports that the usual safe-surfing techniques of not opening untrusted attachments or unsigned downloads would protect against these FBI snooping malware techniques.
On the other hand, we have Wired's report of a piece of malware inserted on holding pages placed on anonymous websites such as TorMail, and many more (some were child porn related), that were hosted by “Freedom Hosting”. The holding page announced that the site was down, and also contained an iframe link to a JavaScript infector which used a zero-day exploit in Firefox 17, which is the browser included with the anonymous browsing kit “Tor Browser”. The open source project “Tor Project” released a statement saying they will fix the bugs if they can.
We have a feeling that these won’t be the last cyber-snooping reports we receive about the US Federal Government – to say nothing of agencies in other countries – both friendly, and not-so-friendly…