Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

U.s. Firm Helped The Spyware Industry Build A Potent Digital Weapon For Sale Overseas - The Washington Post

The result: Merely by playing a YouTube video or visiting a Microsoft Live service page, for instance, an unknown number of computers around the world have been implanted with Trojan horses by government security services that siphon their communications and files. Google, which owns YouTube, and Microsoft are racing to close the vulnerability. Citizen Labs new report, based on leaked technical documents, is the first to document that commercial spyware companies are making active use of this technology. Network injection allows products built by Gamma and Hacking Team to insert themselves into an Internet data flow and change it undetectably in transit. The report calls that hacking on easy mode, in which compromising a target becomes as simple as waiting for the user to view unencrypted content on the Internet. Attacks of that kind were the stuff of hacker imaginings until this year, when news accounts based on documents provided by former National Security Agency contractor Edward Snowden described a somewhat similar NSA program code-named QUANTUMINSERT.
For the original version including any supplementary images or video, visit http://www.washingtonpost.com/world/national-security/spyware-tools-allow-buyers-to-slip-malicious-code-into-youtube-videos-microsoft-pages/2014/08/15/31c5696c-249c-11e4-8593-da634b334390_story.html

Don't be the product, buy the product!