More Info on German State Backdoor: Case R2D2

Last weekend, the German-based Chaos Computer Club (CCC) published details on a backdoor trojan they claimed was being used by German authorities, in violation of German law.

And now, several German states have admitted to using Backdoor:W32/R2D2.A (a.k.a. "0zapftis"), though they say the backdoor falls within what's allowed. In one case, the trojan was installed on a suspect's laptop while he was passing through customs & immigration at the Munich International airport.

Here are some additional details about the backdoor itself. The CCC's report included analysis of the backdoor's DLL and a kernel driver. The CCC apparently did not have access to the installer. (Which would have been locally installed on the suspect's computer.)

Here's a screenshot from our malware containment system:

The installer file is called "scuinst.exe".

What's the importance of the filename scuinst.exe? It's an abbreviation for Skype Capture Unit Installer. Skype Capture Unit is the name of the commercial trojan developed by a company called DigiTask from the city of Haiger, Germany. For more information on the background of DigiTask and Skype Capture Unit, see these documents leaked by WikiLeaks. And here's a document showing the German Customs Investigation Bureau purchasing surveillance services from DigiTask worth 2075256 euro.

Our system automation didn't like scuinst.exe and automatically set it to be blocked on customers' computers. The "heuristic" category indicates that our automation flagged the file based on rules that our analysts have created.

Have any F-Secure customers been exposed to R2D2?