Your Source for Leaks Around the World!

NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware

In ANT, Archive, Hacking, Malware, NSA, NSA Files, Surveillance, TAO, Technology on December 30, 2013 at 3:17 AM

nsa-ant

12/29/2013

SPIEGEL:

After years of speculation that electronics can be accessed by intelligence agencies through a back door, an internal NSA catalog reveals that such methods already exist for numerous end-user devices.

When it comes to modern firewalls for corporate computer networks, the world’s second largest network equipment manufacturer doesn’t skimp on praising its own work. According to Juniper Networks’ online PR copy, the company’s products are “ideal” for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company’s special computers is “unmatched” and their firewalls are the “best-in-class.” Despite these assurances, though, there is one attacker none of these products can fend off — the United States’ National Security Agency.

Specialists at the intelligence organization succeeded years ago in penetrating the company’s digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry — including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell and Apple’s iPhone.

These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives — from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.

This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets’ data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.

In the case of Juniper, the name of this particular digital lock pick is “FEEDTROUGH.” This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive “across reboots and software upgrades.” In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH “has been deployed on many target platforms.”

The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA’s department for Tailored Access Operations (TAO). In cases where TAO’s usual hacking and data-skimming methods don’t suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such “implants,” as they are referred to in NSA parlance, have played a considerable role in the intelligence agency’s ability to establish a global covert network that operates alongside the Internet.

Some of the equipment available is quite inexpensive. A rigged monitor cable that allows “TAO personnel to see what is displayed on the targeted monitor,” for example, is available for just $30. But an “active GSM base station” — a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones — costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million.

The ANT division doesn’t just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer’s motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this “Persistence” and believe this approach has provided them with the possibility of permanent access.

Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.

Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are “remotely installable” — in other words, over the Internet. Others require a direct attack on an end-user device — an “interdiction,” as it is known in NSA jargon — in order to install malware or bugging equipment.

There is no information in the documents seen by SPIEGEL to suggest that the companies whose products are mentioned in the catalog provided any support to the NSA or even had any knowledge of the intelligence solutions. “Cisco does not work with any government to modify our equipment, nor to implement any so-called security ‘back doors’ in our products,” the company said in a statement. Contacted by SPIEGEL reporters, officials at Western Digital, Juniper Networks and Huawei also said they had no knowledge of any such modifications. Meanwhile, Dell officials said the company “respects and complies with the laws of all countries in which it operates.”

Many of the items in the software solutions catalog date from 2008, and some of the target server systems that are listed are no longer on the market today. At the same time, it’s not as if the hackers within the ANT division have been sleeping on the job. They have continued to develop their arsenal. Some pages in the 2008 catalog, for example, list new systems for which no tools yet exist. However, the authors promise they are already hard at work developing new tools and that they will be “pursued for a future release”.

nsa-ant-deitybounce

nsa-ant-ironchef

nsa-ant-feedthrough

nsa-ant-gourmettrough

nsa-ant-halluxwater

nsa-ant-jetplow

nsa-ant-souffletrough

nsa-ant-headwater

nsa-ant-schoolmontana

nsa-ant-sierramontana

nsa-ant-stuccomontana

nsa-ant-ctx4000

nsa-ant-loudauto

nsa-ant-nightstand

nsa-ant-nightwatch

nsa-ant-photoanglo

nsa-ant-sparrow-ii

nsa-ant-tawdryyard

nsa-ant-ginsu

nsa-ant-howlermonkey

nsa-ant-iratemonk

nsa-ant-juniormint

nsa-ant-maestro-ii

nsa-ant-somberknave

nsa-ant-swap

nsa-ant-trinity

nsa-ant-wistfultoll

nsa-ant-surlyspawn

nsa-ant-dropoutjeep

nsa-ant-gopherset

nsa-ant-monkeycalendar

nsa-ant-picasso

nsa-ant-totechaser

nsa-ant-toteghostly-2.0

nsa-ant-candygram

nsa-ant-crossbeam

nsa-ant-cyclone-hx9

nsa-ant-ebsr

nsa-ant-entourage

nsa-ant-genesis

nsa-ant-nebula

nsa-ant-typhon-hx

nsa-ant-waterwitch

nsa-ant-cottonmouth-i

nsa-ant-cottonmouth-ii

nsa-ant-cottonomouth-iii

nsa-ant-firewalk

nsa-ant-ragemaster

Related Links:

American Companies Respond to New NSA Hacking Claims

To Protect and Infect: The Militarization of the Internet – Claudio Guarnieri, Morgan Marquis-Boire, Jacob Appelbaum @ 30c3

Tax and Spy: How the NSA Can Hack Any American, Stores Data 15 Years

NSA Can Hack WiFi Devices From Eight Miles Away

The NSA Has a Backdoor Called “DROPOUTJEEP” for Nearly Complete Access to the Apple iPhone

U.S. to China: We Hacked Your Internet Gear We Told You Not to Hack

The NSA Product Generator

NSA Technology Transfer Program (TTP) Catalog for Licensing Products to U.S. Companies

  1. […] 50-stránkový katalóg špionážneho backdoor-kódu, používaného agentami tajnej služby NSA, medzi cieľmi týchto […]

    Like

  2. […] O catálogo completo foi publicado pelo site LeakSource (clique aqui para ver). […]

    Like

  3. […] mistake as a full weaponised remote rooting of iOS is easily $100.000+ value. As an aside, their 2007 hardware toy catalogue leaked some time ago, a fun read for people like […]

    Like

  4. […] Les technologies et outils présentés sont clairement de haut niveau. Malgré le fait que réaliser une attribution sur ce genre de kit opérationnel est très complexe du fait de la nature des données, il est tentant d’attribuer celui-ci à une organisation soutenue par un état. Ceux d’entre vous familiers avec les technologies et techniques d’attaques révélées par la presse grâce à Snowden reconnaitront la convention de nommage des outils. De plus, certains des outils utilisés sont explicitement mentionnés dans le catalogue Tailored Access Operations (TAO). […]

    Like

  5. […] ANT division catalogue of exploits for…well, everything. Oh, you haven’t seen that? Here you go… […]

    Like

  6. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  7. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  8. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  9. […] BANANAGLEE A non-persistent firewall software implant for Cisco ASA and PIX devices that is installed by writing the implant directly to memory. Also mentioned in the previously leaked NSA ANT catalogue. […]

    Like

  10. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  11. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  12. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  13. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  14. […] of the implants contained in the leaked archive, Jet Plow and Banana Glee, appeared previously on PowerPoint slides leaked by ex-NSA contractor Edward […]

    Like

  15. […] so that they can snatch user credentials. It’s part of the public record that the NSA has a whole catalogue of hardware and software at it’s disposal for this type of operation. There has also been […]

    Like

  16. […] public record that the NSA has a whole catalogue of hardware and software at its disposal for […]

    Like

  17. […] so that they can snatch user credentials. It’s part of the public record that the NSA has a whole catalogue of hardware and software at its disposal for this type of operation. There has also been […]

    Like

  18. […] deal when you consider the wide range of devices previously pwned and listed in the ANT division catalog of exploits. It surely wouldn’t be too difficult for the group, since IoT and wireless medical devices […]

    Like

  19. […] deal when you consider the wide range of devices previously pwned and listed in the ANT division catalog of exploits. It surely wouldn’t be too difficult for the group, since IoT and wireless medical devices […]

    Like

  20. […] deal when you consider the wide range of devices previously pwned and listed in the ANT division catalog of exploits. It surely wouldn’t be too difficult for the group, since IoT and wireless medical devices […]

    Like

  21. […] deal when you consider the wide range of devices previously pwned and listed in the ANT division catalog of exploits. It surely wouldn’t be too difficult for the group, since IoT and wireless medical devices […]

    Like

  22. […] deal when you consider the wide range of devices previously pwned and listed in the ANT division catalog of exploits. It surely wouldn’t be too difficult for the group, since IoT and wireless medical devices […]

    Like

  23. […] deal when you consider the wide range of devices previously pwned and listed in the ANT division catalog of exploits. It surely wouldn’t be too difficult for the group, since IoT and wireless medical devices […]

    Like

  24. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  25. […] More information about the NSA’s TAO. http://www.spiegel.de/international/world/… https://foreignpolicy.com/2013/06/10/… An article about TAO’s catalog of implants and attack tools. Note that the catalog is from 2007. Presumably TAO has been very busy developing new attack tools over the past ten years. http://www.spiegel.de/international/world/… http://leaksource.info/2013/12/30/… […]

    Like

  26. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  27. […] about the NSA’s TAO group is here and here. Here’s an article about TAO’s catalog of implants and attack tools. Note that the catalog is from 2007. Presumably TAO has been very busy […]

    Like

  28. […] information about the NSA's TAO group is here and here. Here's an article about TAO's catalog of implants and attack tools. Note that the catalog is from 2007. Presumably TAO has been very busy […]

    Like

  29. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  30. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  31. […] Joyce concurred that it was “very strange” for someone in his position to mount onstage before an audience. The TAO has mostly existed in a murky recesses of a NSA—known and different during a same time—until usually recently when documents leaked by Snowden and others unprotected a workings of this gang as good as many of a worldly hacking tools. […]

    Like

  32. […] Joyce concurred that it was “very strange” for someone in his position to mount onstage before an audience. The TAO has mostly existed in a murky recesses of a NSA—known and different during a same time—until usually recently when documents leaked by Snowden and others unprotected a workings of this gang as good as many of a worldly hacking tools. […]

    Like

  33. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  34. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  35. […] Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]

    Like

  36. […] certainly been hard at work building its own backdoors into Juniper products. A 2008 internal NSA catalog listed several exploits designed to provide interception backdoors into Juniper network equipment […]

    Like

  37. […] Hackers from the NSA’s Office of Tailored Access Operations (TAO) have been in the news since Edward Snowden leaked some details such as how they secretly infected 50,000 computer networks with malware. TAO is internally known as ANT and its catalog of exploits is from 2008, but technology has advanced a great deal in the last six years so there’s no telling what the NSA can do now. As of 2008, the NSA had developed ways to compromise Apple, Cisco Systems, Dell, HP, Huawei, Juniper Networks, Linux, Maxtor, Microsoft, Seagate, Samsung, and Western Digital to name a few of the hard drives, firewalls, operating systems, routers, smartphones, switches and PCs described in the ANT division catalog of exploits. […]

    Like

  38. […] and first disclosed by the German magazine Der Speigel was this: Feedthrough. It’s described in a catalog of devices and software used by an NSA division called ANT as a “persistence technique for two software implants … used […]

    Like

  39. […] first disclosed by the German magazine Der Speigel was this: Feedthrough. It’s described in a catalog of devices and software used by an NSA division called ANT as a “persistence technique for two software implants […]

    Like

  40. […] said it, I do not believe that this came from the Snowden documents. I also don’t believe the TAO catalog came from the Snowden documents. I think there’s a second leaker out […]

    Like

  41. […] which depict an NSA that’s more than capable of performing SIGINT missions. Other Snowden-era documents also indicate that the NSA runs a world class spy outfit. Consider also that foreign countries […]

    Like

  42. […] which depict an NSA that’s more than capable of performing SIGINT missions. Other Snowden-era documents also indicate that the NSA runs a world class spy outfit. Consider also that foreign countries […]

    Like

  43. […] which depict an NSA that’s more than capable of performing SIGINT missions. Other Snowden-era documents also indicate that the NSA runs a world class spy outfit. Consider also that foreign countries like […]

    Like

  44. […] which depict an NSA that’s more than capable of performing SIGINT missions. Other Snowden-era documents also indicate that the NSA runs a world class spy outfit. Consider also that foreign countries like […]

    Like

  45. […] the real crimes of the century) The back-door exploits are in every piece of hardware out there. NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware | Lea… The next phase is social manipulation. Divide and conquer. The steering of 'democracy' by a very […]

    Like

  46. […] exposed earlier this year. These tools are believed to be the same ones disclosed in the so-calledNSA ANT catalogue published in 2013 by journalists in Germany. The interest in attacks attributed to the NSA and GCHQ […]

    Like

  47. […] this year. These tools are believed to be the same ones disclosed in the so-called NSA ANT catalogue[12] published in 2013 by journalists in Germany. The interest in attacks attributed to the NSA and […]

    Like

  48. […] evidence that points to this conclusion. A keyword—GROK—found in one a keylogger component appears in an NSA spy tool catalog leaked to journalists in 2013. The 53-page document details—with pictures, diagrams and secret codenames—an array of complex […]

    Like

  49. […] to Jake Appelbaum, Laura Poitras, and others in Germany: the Angela Merkel surveillance story, the TAO catalog, the X-KEYSCORE rules. My guess is that this is either an NSA employee or contractor working in […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: