Smurfs vs. phones: GCHQ's secret smartphone malware that can take pics and listen in even when your phone is off

[Read the post]

1 Like

Yā€™know, Iā€™m kinda getting a little tired of being asked by my acquaintances not to spout such paranoid nonsense and a few years later reading a verifying headline. Some of them have just given up acknowledging reality and remain camped out in a just-world fantasy but I do receive the odd apology.

Now if only I could get some traction with my ā€˜conspiracy theoriesā€™ on tectonic plate manipulation via satellite.

13 Likes

Frustrating, isnā€™t it? Iā€™ve often brought it up and iā€™ll get something like ā€œooh that sounds a bit conspiracy theory to meā€. No itā€™s not! The evidence is right there! The conspiracy theorists were just paying attention! :rage:

I wouldnā€™t even attempt to bring up the stuff jacob applebaum talks about, you might very well be sectioned.

3 Likes

Cricket just forced me to buy a new phone, because something something network. I bought the $15 special. Itā€™s so dumb it can barely text. I wonder if itā€™s capeable of running any malware more sophisticated than Frogger.

My company also issued me an iPhone, so I guess Iā€™d better leave that home when discussing my plans with co-conspirators.

5 Likes

Yeah, it could probably be pwned.

What are you hiding?

2 Likes

Iā€™m not too worried. For that hack, youā€™d pretty much need my phone on a bench, and if youā€™ve got that youā€™ve probably already got the thing in my trunk.

2 Likes

But now I know itā€™s in your trunk.

#Bwahahahaha!

2 Likes

any specifics?

2 Likes

Itā€™s pretty easy stuff to find. Mostly Google, Apple, etc are spying on you on behalf of three-letter agencies, and the power of those agencies is vastly out of hand.

ā€¦Normal stuff you hear on bOING. (And not necessarily crazyā€¦)

2 Likes

I assumed there was some specific craziness of which I was not aware. I was assuming it was something to do with behavioural prediction crossed with photo access and blackmailā€¦ or something.

Well, if itā€™s going to get you sectionedā€¦

2 Likes

Exaggerated for effect but only very slightly! His protect and infect presentation was pretty mind blowing. Try bringing some of that stuff up and you really will be laughed at, especially the slide around the 56 minute mark. Ok, maybe not sectioned.

Link

2 Likes

I thought the whole intersecting carrier waves thing was a normal anti-speech tool employed to disorientate public speakers? Just beam hypersonic carrier soundwaves carrying regular frequency gibberish into the resonant cavity that is the speakers skull and it sounds to them that they are ā€˜hearing voicesā€™ā€¦ or whatever other sound you choose.

Data exfiltration via radar sounds interesting I guess, although I always thought the 3d mapping technology via wifi signal was more impressiveā€¦

The whole 3d networked microphone thing distributed across a city, which can pinpoint a mouse farting in your wall seems scarier.

Video exfiltration via radar seemsā€¦ difficult, arenā€™t the waves too big?

Keyboard retroreflection sounds most new and interesting to meā€¦ will have to watch that bitā€¦

And really? location tracking is new?

But that was cool, ta.

Well, eavesdropping on information via van eck radiation is nothing new but now it appears to me part of the 3 letter acronymā€™s grab bag of goodies. But you should watch the whole thing, itā€™s a really tour de force of research and sheer buttock clenching terror about what weā€™re up against. Can we trust ANY of our hardware? Not really!

Oh, i should say that this is from 2013 so location tracking with drones and cell signals was newer then i suppose.

3 Likes

even when turned off

Iā€™m assuming this means ā€œeven when ā€˜asleepā€™ā€.

Pretty sinister, but Motorola introduced some of this as a ā€œfeatureā€ with their Moto X a couple of years agoā€¦

Some computers have the wakeup-via-RTC feature. This may be a trick included to the power-off sequence - set it to wake up silently.

Could be interesting to get a sample of the smurf to dissect, run it on a phone, and do power analysis on the battery. Could lead to hardware-based countermeasures - Arduino-class chip and a power monitor, attached to the battery and alerting if power consumption profile does not match being asleep or not communicating.

The added hardware dongle is likely a transmitter, the radar telling it just to power on or off. Or to intermodulate the data to the incoming signal.

This can be done via DIY. See my project (now delayed due to other priorities, grrr) of GPS-synced microphone.

Itā€™s not paranoia. Itā€™s awareness.

1 Like

From the perspective of my un-aware friends it sounds like paranoia. When they ask me not to spout such nonsense, I am attributing to them the state of holding such an opinion.

English is weird.

1 Like

No, this means when, from your point of view, it is turned ā€œoff.ā€ Unless you remove the battery, a phone is basically never off.

Thought. Transistors on the silicon chips tend to emit near-IR when they switch.

What about decapping all the chips on the phone board, and watch what is happening where?

Any chance for this malware (or other with comparable functionality) to leak out for independent examination by multiple hackers? So supervision/detection systems can be devised?

Power analysis, both the juice drawn from the battery itself and on different points of the phoneā€™s power buses, could be quite enlightening, too.

I just wanted to point out how much more enjoyable the headline could have been with the word ā€œSmurvesā€.

1 Like

Itā€™s what Tolkien would have wanted.

1 Like