Clever Geek Handbook
📜 ⬆️ ⬇️

ANT Directory (NSA)

Catalog page

ANT Directory ( NSA ANT catalog ) is a 50-page NSA document containing a list of electronic espionage devices and technologies held by ANT (a division of the NSA), most of which are available to US citizens and organizations and members of the so-called intelligence alliance. five eyes ”( USA , Canada , UK , Australia , New Zealand ). The document is classified as “special importance” ( English top secret ).

According to a publication in Der Spiegel magazine on December 30, 2013 (the authors are D. Applebaum, Y. Norhert, and K. Steeker), “the document is perceived as a mail-order catalog, through which each NSA employee can order the necessary tools for work with their objects ” [1] [2] [3] [4] [5] [6] [7] [8] . The catalog was created in 2008 [9] .

An independent cybersecurity expert from the United States, in his speech at the World Hackers Congress in Hamburg in 2013, described in detail the methods that the NSA uses to conduct global computer surveillance in the United States and abroad; at the same time, the mentioned article by Appelbaum, Norhert and Stoecker was published in Der Spiegel , while the source, from which they became aware of the existence of the ANT catalog, was not disclosed [5] [10] .

Prices for products and devices from the ANT catalog range from zero (usually for software) to $ 250,000 [1] .

Content

History

Despite the fact that information about the catalog appeared after revelations by former NSA officer Edward Snowden , well-known computer security expert Bruce Schneier said he did not believe that information about the ANT catalog came from Snowden documents, and suggested that there was another channel of “leaks” from the NSA [11] .

The ANT catalog mainly includes software products and devices manufactured by US companies such as Apple [12] , Cisco , Dell , Juniper Networks , Maxtor , Seagate Technology and Western Digital , and there is no indication in the catalog that these companies themselves are involved. to the production of spyware [1] [13] . The article in Der Spiegel mentioned that the NSA has the ability to install DROPOUTJEEP spyware on iPhones (see below), after which Apple issued a statement in which the company denied installing spyware on iPhones and announced that it would take measures to protect customers from malware "no matter who is behind it" [14] . Cisco, in turn, formed a team of product security specialists - Cisco Product Security Incident Response Team (PSIRT) to study the vulnerability of their gadgets [15] .

Products Offered

 
CANDYGRAM
 
COTTONMOUTH-I

The ANT catalog contains a number of devices and computer programs for cyber espionage , including [16] :

  • BULLDOZER: a technology that allows NSA employees to remotely control a wireless communication system [13] ;
  • CANDYGRAM: a device that emulates the operation of a mobile GSM tower, the price is $ 40,000;
  • COTTONMOUTH: a family of modified USB and Ethernet connectors that can be used to install Trojans and operate on the principle of a network bridge , providing hidden remote access to a computer that is subject to penetration [17] , includes:
    • COTTONMOUTH-I is a plug-in USB connector that uses TRINITY (see below) as a digital core and HOWLERMONKEY (see below) as a radio frequency transceiver. In 2008, the price of the device was about $ 1 million per batch of 50 units;
    • COTTONMOUTH-II - USB input port, costs about $ 200 thousand for a batch of 50 pieces, but for its development of the system in the computer - the victim of the attack requires further hardware adaptation;
    • COTTONMOUTH-III - Ethernet and USB-connector, the price is about $ 1.25 million for 50 pieces.
  • CROSSBEAM - a module capable of accumulating and compressing audio files (voice data) transmitted over communication channels in GSM format [18] ;
  • The CTX4000 is a fixed-frequency radar device that is capable of extracting information from a switched off device — a spying object [19] ;
     
    CYCLONE-HX9
  • CYCLONE-HX9 - GSM base station router;
  • DEITYBOUNCE is a technology that allows installing backdoor programs on Dell PowerEdge servers via motherboard BIOS and RAID controllers [20] ;
  • DROPOUTJEEP - “spyware software for iPhones manufactured by Apple, which performs certain electronic intelligence tasks, including the ability to download / delete files from the device’s memory, search for SMS messages, search the address book and voice mail, geolocation, intercept microphone and video recordings, and more . Remote control and transfer of data from an infected iPhone can be carried out by SMS messages or connecting to GPRS, while all communications carried out by spyware are hidden and encrypted " [7] ;
 
EBSR
  • EBSR (in the picture on the right) - GSM multipurpose three-band base station [21] ;
  • FEEDTROUGH are computer programs that can traverse Juniper Networks firewalls to install other spyware on a computer network. [1] [8] [22] ;
  • FIREWALK is a device for unauthorized connection to a computer that looks like a standard RJ45 network interface, is controlled by radio [23] and uses a HOWLERMONKEY transceiver (see below). Can create a VPN on the attacked computer. Price in 2008 - $ 537 thousand for 50 units;
  • FOXACID is a technology that allows you to install spyware that can infect programs at the level of software packages;
  • GINSU is a technology that uses a PCI bus device in a computer and can reinstall it when the system boots;
  • GOPHERSET is a software for GSM phones that uses the SIM-card API for hidden remote control of the phone [24] ;
  • GOURMETTROUGH - user-configurable software for some Juniper Networks firewalls [19] ;
  • HALLUXWATER - backdoor software for Huawei Eudemon firewalls [19] ;
  • HEADWATER - backdoor technology that allows you to infect software packages for Huawei routers [19] ;
  • HOWLERMONKEY - a radio-controlled device that allows (when used in conjunction with other digital gadgets) to perform remote data retrieval or remote control of devices that are the objects of attack;
  • IRATEMONK - technology that allows you to penetrate the firmware of hard drives manufactured by Maxtor , Samsung , Seagate Technology and Western Digital [25] ;
  • IRONCHEF - technologies that can "infect" networks by setting themselves in the computer's BIOS [13] . IRONCHEF also includes the programs Straitbizarre and Unitedrake, which are associated with the Regin computer worm [26] ;
  • JETPLOW - drivers that can be used to create a permanent backdoor in Cisco PIX-series hardware and ASA firewalls [19] ;
  • LOUDAUTO - radio-controlled listening device, price - $ 30 [19] ;
  • MAESTRO-II is a with a size of about 1 cent coin , which serves as a hardware core for some other devices. The module contains a 66 MHz ARM7 core processor , 4 MB of Flash, 8 MB of RAM and a programmable gate array with 500,000 inputs. Replaces the modules of the previous generation, the design of which used HC12 microcontrollers. The price in 2008 is $ 3000- $ 4000;
  • MONKEYCALENDAR - software that gives the location of a mobile phone by transmitting a hidden message;
  • NIGHTSTAND is a portable system that can wirelessly connect up to 8 miles (12 km) to devices using Microsoft Windows software [19] ;
  • NIGHTWATCH is a laptop computer used to restore and display video data; used in conjunction with equipment type CTX4000 (see above);
  • PICASSO - software that allows you to set the location of a mobile phone, get the metadata of calls, access to the microphone of the phone for eavesdropping conversations [24] ;
  • PHOTOANGLO is a joint project of the NSA and the UK Government Communications Center to develop the next-generation radar system, which will replace the CTX4000 [19] ;
  • RAGEMASTER is a hidden device that retransmits the outgoing VGA signal of the computer being attacked, thereby enabling the NSA staff to observe the image on the desktop of the computer being attacked. Usually installed in ferrite filters of cables attacked computers. Some types of devices are used in conjunction with the NIGHTWATCH computer (see above). The price in 2008 is $ 30 [5] ;
  • SCHOOLMONTANA is software that creates persistent software bookmarks in the J-series of routers / firewalls using the JUNOS operating system [19] ;
  • SIERRAMONTANA is software that creates persistent software bookmarks in the M-series of routers / firewalls using the JUNOS operating system [19] ;
  • STUCCOMONTANA - software that creates permanent software bookmarks in the T-series of routers / firewalls using the JUNOS operating system [19] ;
  • SOMBERKNAVE - software that can be installed in the Windows XP system and creates the possibility of remote control from the headquarters of the NSA;
  • SOUFFLETROUGH is software for infecting the attacked computer's BIOS, which can overcome the network screens of the Juniper Networks SSG300 and SSG500 series [19] ;
  • SPARROW II is a mini-computer designed for use in wireless networks (Wireless LAN) , including the UAV . Uses BLINDDATE software. The price in 2008 is $ 6000.
  • SURLYSPAWN is a keylogger program that can be used on remote computers that are not connected to the Internet;
  • SWAP - technology for flashing BIOS multiprocessor systems that use the operating systems FreeBSD , Linux , Solaris and Windows ;
  • TOTEGHOSTLY - software that can be installed on a mobile phone with Windows operating system and provide full remote control of the gadget;
  • TRINITY - 180-MHz multichip module based on ARM9 processor , 4 MB Flash, 96 MB SDRAM , programmable gate array with 1 million inputs. Smaller than a 1 penny coin . The price in 2008 is $ 625 thousand per 100 units;
  • WATERWITCH is a portable device that allows the operator to determine the location of mobile phones with great accuracy.

See also

  • Duqu
  • TEMPEST

Notes

  1. 2 1 2 3 4 Shopping for Spy Gear: Catalog Advertises NSA Toolbox
  2. ↑ The NSA has nearly complete backdoor access to Apple's iPhone
  3. ↑ The NSA Has a Crazy Good Backdoor Access to iPhones
  4. ↑ NSA Has 'A 100% Success Rate' Putting Spyware On iPhones (inaccessible link)
  5. ↑ 1 2 3 Privacy Advocate Exposes NSA Spy Gear at Gathering
  6. ↑ The iPhone has reportedly been fully hacked by the NSA since 2008
  7. 2 1 2 The NSA Reportedly Has Total Access To The Apple iPhone
  8. 2 1 2 NSA Hackers Get The Ungettable With Custom Catalog
  9. ↑ NSA drououtjeep iphone hack details
  10. ↑ Tax and Spy: How Can I Shoot Your Data 15Years Archive dated August 24, 2014 on the Wayback Machine
  11. NS The NSA intercepts computer spyware (Unreferenced) (not available link) (December 30, 2013). The date of circulation is September 9, 2014. Archived January 1, 2014.
  12. ↑ NSA worked on iPhone spyware to monitor remotely users, leaked documents show
  13. 2 1 2 3 Your USB cable
  14. Says Apple says it has been spying on iPhone, vows to defend customers' privacy
  15. NS The NSA's elite hackers can be your Wi-Fi from 8 miles away
  16. ↑ Apple, Jacob Appelbaum and the National Security Agency
  17. Es Hesseldahl, Arik You Won't Believe the NSA Uses for Spying . All Things Digital (December 30, 2013). The appeal date is January 20, 2014.
  18. ↑ Schneier, Bruce CROSSBEAM: NSA Exploit of the Day (Undeclared) (February 21, 2014). The appeal date is February 1, 2015.
  19. 2 1 2 3 4 5 6 7 8 9 10 11 12 "NSA's ANT Division Archived Editions of July 24th , 2015 on Wayback Machine
  20. ↑ Darmawan Salihun. "NSA BIOS Backdoor aka God Mode Malware Part 1: DEITYBOUNCE" January 29th, 2014.
  21. ↑ Schneier, Bruce EBSR: NSA Exploit of the Day (Neopr.) (February 25, 2014). The appeal date is February 1, 2015.
  22. NS The NSA regularly intercepts the laptop shipments implant malware, report says
  23. The How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks
  24. 2 1 2 A Peek Inside The NSA's Spy Gear Catalog
  25. ↑ NSA's backdoor catalog exposed: Targets include Juniper, Cisco, Samsung, Huawei
  26. ↑ Trojaner Regin ist ein Werkzeug von NSA und GCHQ (German) . SPIEGEL ONLINE (25 November 2014). The appeal date is February 2, 2015.
Source - https://ru.wikipedia.org/w/index.php?title=AANT__(ANB )&oldid = 97300729


More articles:

  • Kharkov Institute of National Economy
  • Language Community
  • Naumov, Vladimir Alexandrovich
  • Sklyarov, Ivan Petrovich
  • Yancheng (Henan)
  • Gaydamakina, Alina Yuryevna
  • Kilby, Jack
  • Mamutov, Ruslan Alimovich
  • A Taste of Honey (group)
  • Bellevalia kurdistanica

All articles

Clever Geek | 2019