Hackers Now Reconstruct NSA’s Spy Device for Just $20

Hackers led by Michael Ossmann have managed to duplicate, for just $20, a cyber-spying device that the NSA uses. The device they have created is similar to what the NSA uses to install malware on computers and launch man-in-the-middle attacks. The NSA reportedly buys the device for $20,000 each.

The NSA has been known to spy on many people and establishments, according to documents released by Edward Snowden under the PRISM program. While there are many ways through which the NSA can spy on people, such as hacking their emails and social media profiles, it has been found that to reach more sophisticated users, the NSA had to use special equipment and skills.

One of the ways the NSA saw fit to spy was through malware. Malware can be deployed in various forms, with the most common being email. The challenge with planting malware remotely is that it can be detected by the antivirus or anti-malware program that runs on the computer.

In order to truly infect the computers that belong to sophisticated users, the NSA had to find a way to infect computers using something like a memory stick. What the NSA finally found was a device called the Cottonmouth-1. The Cottonmouth-1 is a device that is designed to plug into a computer through any of its USB ports and install a spy program.

The Cottonmouth-1 clone device is not that complicated in its makeup; the device is made up of a transceiver, a circuit board and a cover. All these were assembled from junk items like old devices for $20.

While it is unlikely that many people will ever have occasion to use a device to implant malware in anyone’s computer, knowing that a device like that exists is quite important, especially for people who are conscious about their online security. This is even more important to organizations, because they more often than not hold information that can motivate an attack on their network.

Many organizations use what are called air-gapped computers in order to protect their networks. Air-gapped computers are pretty secure, especially because they are not connected to a network. However, a Cottonmouth-1 device can infiltrate air-gapped computers as well. An attacker can take advantage of the fact that air-gapped computers accept and share information through USB drives, and can therefore compromise the computer by using a device that looks like a USB stick.

The NSA configuration for the Cottonmouth-1 was revealed by leaked documents from the Edward Snowden exposé. While the NSA has not commented on the issue, it can be seen that hacking is getting bolder. Physical devices have started to come into play, and with such a small cost of acquisition, hackers might now start leaving their computer rooms and venturing outside to plant their spy devices in their victims’ computers.

Top/Featured Image: By National Security Agency / Wikipedia (http://commons.wikimedia.org/wiki/File:NSOC-2012.jpg)

COMMENTS
  • Charles Speicher jr 2 years

    Interesting article that demonstrates how govt overspending occurs with people in govt positions that are misguided.
    I do take exception to your comment that air gapped networks are pretty secure. They in fact are no more secure than any network!! Case in point: no network on this planet is impenetrable, for it could not function on its mission to allow tasks to occur in support of devices that need to share information as part of complex information systems that exist today. Therefore all one has to do is find a way in that touches the 3 legged stool (people, technology and processes) to find the vulnerability that accomplishes that end for the attacker. Sophisticated attackers have the advantage over IT security personnel, who by and large don’t use or have access to real time tools. The bad guys armed with real time tools have a much easier job: find one door to open, which is pretty easy to accomplish. The IT security guys have a much tougher job… close all the doors without the use of real time tools to actually see all the doors that are open, so… they may miss a few!
    In short, a remote device, a tool that reduces the time and effort needed to access an air gapped network, is just one way in!

by Stephen Kiboi