![]() A screenshot of the software MiniPanzer showing some of its configuration settings | |
Original author(s) | Ruben Unteregger |
---|---|
Initial release | 2009 |
Preview release | 0.1 / 17 February 2016 |
Written in | C++ |
Operating system | Windows |
Platform | x86 |
Available in | English |
License | GPLv3 |
Website | sourceforge |
MiniPanzer and MegaPanzer are two variants of Bundestrojaner (German for federal Trojan horse) written for ERA IT Solutions (a Swiss federal government contractor) by software engineer Ruben Unteregger, and later used by Switzerland's Federal Department of Environment, Transport, Energy and Communications (UVEK) to intercept Skype and more generally voice over IP traffic on Windows XP systems. [1] [2]
The source code of the program was released under the GNU General Public License version 3 (GPLv3) in 2009 by their author, who retained the copyright. [1] Thereafter, the trojan was apparently detected in the wild. [3] One of its designations given by anti-virus companies was Trojan.Peskyspy. [4] [5]
The malware used DLL injection. [6]
The Chaos Computer Club (CCC) is Europe's largest association of hackers with 7,700 registered members. Founded in 1981, the association is incorporated as an eingetragener Verein in Germany, with local chapters in various cities in Germany and the surrounding countries, particularly where there are German-speaking communities. Since 1985, some chapters in Switzerland have organized an independent sister association called the Chaos Computer Club Schweiz (CCC-CH) instead.
In computing, a Trojan horse is a malware that misleads users of its true intent by disguising itself as a normal program. The term is derived from the ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.
Back Orifice is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a play on words on Microsoft BackOffice Server software. It can also control multiple computers at the same time using imaging.
Back Orifice 2000 is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a pun on Microsoft BackOffice Server software.
This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.
Norton AntiVirus is an anti-virus or anti-malware software product founded by Peter Norton, developed and distributed by Symantec since 1990 as part of its Norton family of computer security products. It uses signatures and heuristics to identify viruses. Other features included in it are e-mail spam filtering and phishing protection.
Ransomware is a type of malware that encrypts the victim's personal data until a ransom is paid. They commonly use difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Sometimes the original files can be retrieved without paying the ransom due to implementation mistakes, leaked cryptographic keys or a complete lack of encryption in the ransomware.
Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.
Sub7, or SubSeven or Sub7Server, is a Trojan horse - more specifically a Remote Trojan Horse - program originally released in February 1999. Its name was derived by spelling NetBus backwards ("suBteN") and swapping "ten" with "seven". As of June 2021, the development of Sub7 is being continued.
File binders are utility software that allow a user to "bind" multiple files together, resulting in a single executable. They are commonly used by hackers to insert other programs such as Trojan horses into otherwise harmless files, making them more difficult to detect. Malware builders often include a binder by default.
The Storm Worm is a phishing backdoor Trojan horse that affects computers using Microsoft operating systems, discovered on January 17, 2007. The worm is also known as:
The Computer and Internet Protocol Address Verifier (CIPAV) is a data gathering tool that the Federal Bureau of Investigation (FBI) uses to track and gather location data on suspects under electronic surveillance. The software operates on the target computer much like other forms of spyware, whereas it is unknown to the operator that the software has been installed and is monitoring and reporting on their activities.
Man-in-the-browser, a form of Internet threat related to man-in-the-middle (MITM), is a proxy Trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a covert fashion invisible to both the user and host web application. A MitB attack will be successful irrespective of whether security mechanisms such as SSL/PKI and/or two- or three-factor authentication solutions are in place. A MitB attack may be countered by using out-of-band transaction verification, although SMS verification can be defeated by man-in-the-mobile (MitMo) malware infection on the mobile phone. Trojans may be detected and removed by antivirus software, but a 2011 report concluded that additional measures on top of antivirus software were needed.
SILK is an audio compression format and audio codec developed by Skype Limited, now a Microsoft subsidiary. It was developed for use in Skype, as a replacement for the SVOPC codec. Since licensing out, it has also been used by others. It has been extended to the Internet standard Opus codec.
Zeus is a Trojan horse malware package that runs on versions of Microsoft Windows. It is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek. Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected.
Bundestrojaner may refer to one of several pieces of software with this purpose:
FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels.
The ANT catalog is a classified product catalog by the U.S. National Security Agency (NSA) of which the version written in 2008–2009 was published by German news magazine Der Spiegel in December 2013. Forty-nine catalog pages with pictures, diagrams and descriptions of espionage devices and spying software were published. The items are available to the Tailored Access Operations unit and are mostly targeted at products from US companies such as Apple, Cisco and Dell. The source is believed to be someone different than Edward Snowden, who is largely responsible for the global surveillance disclosures during the 2010s. Companies whose products could be compromised have denied any collaboration with the NSA in developing these capabilities. In 2014, a project was started to implement the capabilities from the ANT catalog as open-source hardware and software.
Regin is a sophisticated malware and hacking toolkit used by United States' National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ). It was first publicly revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014. The malware targets specific users of Microsoft Windows-based computers and has been linked to the US intelligence-gathering agency NSA and its British counterpart, the GCHQ. The Intercept provided samples of Regin for download, including malware discovered at a Belgian telecommunications provider, Belgacom. Kaspersky Lab says it first became aware of Regin in spring 2012, but some of the earliest samples date from 2003. Among computers infected worldwide by Regin, 28 percent were in Russia, 24 percent in Saudi Arabia, 9 percent each in Mexico and Ireland, and 5 percent in each of India, Afghanistan, Iran, Belgium, Austria, and Pakistan.
Wire is an encrypted communication and collaboration app created by Wire Swiss. It is available for iOS, Android, Windows, macOS, Linux, and web browsers such as Firefox. Wire offers a collaboration suite featuring messenger, voice calls, video calls, conference calls, file-sharing, and external collaboration – all protected by a secure end-to-end-encryption. Wire offers three solutions built on its security technology: Wire Pro – which offers Wire's collaboration feature for businesses, Wire Enterprise – includes Wire Pro capabilities with added features for large-scale or regulated organizations, and Wire Red – the on-demand crisis collaboration suite. They also offer Wire Personal, which is a secure messaging app for personal use.