Thursday, February 13, 2014

DROPOUTJEEP: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog:
DROPOUTJEEP (TS//SI//REL) DROPOUTJEEP is a STRAITBIZARRE based software implant for the Apple iPhone operating system and uses the CHIMNEYPOOL framework. DROPOUTJEEP is compliant with the FREEFLOW project, therefore it is supported in the TURBULENCE architecture.
(TS//SI//REL) DROPOUTJEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device, SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control, and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.
(TS//SI//REL) The initial release of DROPOUTJEEP will focus on installing the implant via close access methods. A remote installation capability will be pursued for a future release.
Unit Cost: $0
Status: (U) In development
Page, with graphics, is here. General information about TAO and the catalog is here.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.