MegaPanzer: Parts of Possible Govware Trojan Released under GPL
The name Ruben Unteregger may well become more newsworthy in the next few days. Unteregger has been working at the Swiss ERA IT Solutions company to develop the trojans MegaPanzer and MiniPanzer and has released the code under GPL.
After working for ERA IT Solutions for seven years, Unteregger is only sporadically releasing parts of his trojan under GPLv3. His homepage currently has the downloadable source code for his Skype trojan that taps Skype conversations and dumps the audio data to MP3 files. Swiss authorities have allegedly been using the software since October 2006.
Originally designed for attacks on Windows XP, the MegaPanzer code is "simple and straightforward," according to Unteregger in his blog. The backdoor gets instructions from a specially prepared server (the "dropzone") and transfers the audio data. The Skype-Tap intercepts Skype function calls, dumps the audio data to files, converts them to MP3 and encrypts them. The code is currently missing a few pieces for security reasons, among them a plugin system for the backdoor and functions to circumvent firewalls. These Unteregger will publish later as separate tools and also put them under GPL. His bottom line is, "as always I am open for your opinions and criticism."
The Swiss developer lets on to some of his work at ERA IT Solutions in an interview on gulli.com. Whether this type of benevolent malware has some use for other govware is yet to be seen. Unteregger won't say for sure whether Linux or Mac versions are currently being considered.
Comments
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
ONLYOFFICE v9 Embraces AI
Like nearly all office suites on the market (except LibreOffice), ONLYOFFICE has decided to go the AI route.
-
Two Local Privilege Escalation Flaws Discovered in Linux
Qualys researchers have discovered two local privilege escalation vulnerabilities that allow hackers to gain root privileges on major Linux distributions.
-
New TUXEDO InfinityBook Pro Powered by AMD Ryzen AI 300
The TUXEDO InfinityBook Pro 14 Gen10 offers serious power that is ready for your business, development, or entertainment needs.
-
Danish Ministry of Digital Affairs Transitions to Linux
Another major organization has decided to kick Microsoft Windows and Office to the curb in favor of Linux.
-
Linux Mint 20 Reaches EOL
With Linux Mint 20 at its end of life, the time has arrived to upgrade to Linux Mint 22.
-
TuxCare Announces Support for AlmaLinux 9.2
Thanks to TuxCare, AlmaLinux 9.2 (and soon version 9.6) now enjoys years of ongoing patching and compliance.
-
Go-Based Botnet Attacking IoT Devices
Using an SSH credential brute-force attack, the Go-based PumaBot is exploiting IoT devices everywhere.
-
Plasma 6.5 Promises Better Memory Optimization
With the stable Plasma 6.4 on the horizon, KDE has a few new tricks up its sleeve for Plasma 6.5.
-
KaOS 2025.05 Officially Qt5 Free
If you're a fan of independent Linux distributions, the team behind KaOS is proud to announce the latest iteration that includes kernel 6.14 and KDE's Plasma 6.3.5.
-
Linux Kernel 6.15 Now Available
The latest Linux kernel is now available with several new features/improvements and the usual bug fixes.
great post
http://www.cocoschanel.com
http://www.gucciguccis.com
http://www.urboots.com
http://www.handbags2012.com
http://www.louisvuittonslv.com
http://www.uggmalls.com
New version of the sniffing plugin for Skype 4 available
It took its time, several bugs were fixed, some of the old features were removed as for example encryption and encoding.
The source is available here : http://www.megapanzer.com/w.../uploads/SkypeTap_20091226.zip