In March 2014, French newspaper Le Monde revealed that France is suspected by the Communications Security Establishment Canada (CSEC) of having developed and deployed malicious software for espionage purposes. This story was based on presentation slides leaked by Edward Snowden, which were then published by Germany’s Der Spiegel in January 2015.
According to the CSEC presentation, the malicious software in question is called “Babar” by its creators, likely after the famous French cartoon character “Babar The Elephant”. Since then, several malware researchers have begun to work on the enigma that is Babar. Marion Marschalek (Cyphort) struck first, with her report on the “Bunny” malware. Bunny shares some characteristics with the Babar malware described by CSEC. In mid-February, Marion published another report, this time on the actual Babar case, explaining in great detail its spying features. At the same time, Paul Rascagnères (G Data) published a blog post on the similarities between Babar and Bunny, and showed that they were very probably related to the malware described in the CSEC’s slides.
Casper Malware: After Babar and Bunny, Another Espionage Cartoon
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.