Filtered By
TURBINE X
Codewords [filter]
Top Secret X
Classification [filter]
Results
6 Total
0.0

DEFIANTWARRIOR and the NSA’s Use of Bots

Document

Release Date: 2015-01-17 Document Date: 2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY DEFIANTWARRIO R 7 / //and the ; NSA's Uè^ojÆotá/ Overall Classification: TOP SECRET//COMINT//REL FVEY Current As Of: 24 May 2010 Derived From: NSA/CSS...
0.0

TUTELAGE

Document

Release Date: 2015-01-17
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA, TOP SECRET//COMINT//REL TO USA, FVEY Before TUTELAGE... AFTERk INTRUSION Manual Analysis of Reporting Lo...
0.0

TURMOIL

Document

Release Date: 2014-03-12
These slides from an NSA presentation show how the automated malware deployment tool Turbine depends on a network of passive collection sensors (Turmoil), installed at locations including Fort Meade in Maryland, Misawa in Japan and Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, […]
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 Sensors: Passive Collection \ Internet * Cloud Internet 1 Cloud Internet <1 Cloud pUttMQJ.l I (S//SI//REÜ High-spe...
0.0

A new intelligent command and control capability

Document

Release Date: 2014-03-12
This extract from an undated NSA document describes the planned capability of the automated malware injection system Turbine as extending to “potentially millions of implants”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
(TS//SI//REL) A new intelligent command and control capability designed to manage a very large number of covert implants for active SIGINT and active Attack that reside on the GENIE covert infras...
0.0

Selector types

Document

Release Date: 2014-03-12
This slide lists the range of selectors the Turmoil infrastructure at UK base Menwith Hill can use to identify targets, many of which show the ability of Five Eyes agencies to piggyback on commercial services: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, FVEY Selector Types Machine IDs - Cookies • Hotmail GUIDs • Google prefIDs • YahooBcookies • mallruMRCU • yandexUid • twitter Hash • r...
0.0

VPN and VOIP Exploitation With HAMMERCHANT and HAMMERSTEIN

Document

Release Date: 2014-03-12
Slides from an NSA Turbulence presentation describe two of the agency’s specialised implants, aimed at compromising virtual private networks (VPNs) and online telephony (VOIP): see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 APEX VPN Phases ► VPN Phase 1: IKE Metadata Only (Spin 15) - IKE packets are exfiled to TURMOIL APEX. ■ APEX reconstructs/r...

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh