The Federal Trojan
Background and a statement from Emsisoft
The Federal Trojan, also known as the State Trojan or Bavarian Trojan, has been a major domestic policy issue in Germany since early October 2011. The subsequent analysis of parts of this governmental spy program has raised cause for concern. In addition to what appears to be a clear violation of the directives of the German Federal Constitutional Court, it also poses a threat to the computer security of normal citizens.
What is the Federal Trojan?
On November 9th 2006 the German Lower House of Parliament passed a package of measures to counteract potential terrorist threats, the "Program for strengthening inland security" (PSIS). Part of the package involved the design and implementation of technical measures to conduct online searches of computers. Ultimately, this involves the ability to monitor a internet connected PC via software, in a manner that is more or less unnoticeable. Or in other words, basically the same technology that has been known for many years as a "Trojan Horse" ("Trojan").
Back in 2006, this type of online search was the subject of intense debate due to lack of a clear legislative basis. After all, private information is stored on home computers and hence constitutes a part of a citizen's personal privacy. Then in February of 2008 the German Federal Constitutional Court issued a ruling, still valid to date, that presents significant legal obstacles for online searches and for the first time gave citizens a "Fundamental right to the guarantee of confidentiality and the integrity of computer systems".
The discovery in October 2011 and its consequences
On October 8th 2011 the Chaos Computer Club (CCC) published the news that they had received and analyzed parts of a governmental spy program. Their analysis produced the alarming result that not only is the Trojan able to read highly sensitive data but it also includes a remote control function, allowing for the download and execution of other malware. Ultimately, this allows for the complete remote control of affected computers, including manipulation of files, keyboard logging, microphone and camera recording etc.
As eavesdropping is only permitted under very strict conditions and limitations this seems to be a clear violation of Constitutional Law. As if this isn't bad enough, the Federal Trojan also appears to be sloppily programmed and contains blatant security holes. These vulnerabilities could theoretically be used by third-parties to gain unauthorized access to infected computers. In addition to the infringement of human rights this also represents a serious threat to the computer security of affected citizens.
Protection and a statement from Emsisoft
The Emsisoft analysis team has also researched the functionality of the Federal Trojan. Basically it's a conventional Trojan, with the exception that it was developed by a government department rather than cyber-criminals. The good news is that the behavioral analysis integrated into Emsisoft Anti-Malware and Mamutu also detects the Federal Trojan and can effectively protect the computer against infection.
Christian Mairoll, CEO of Emsisoft, says: "You can also trust our protection in the future. To date, there is no law or ruling that compels the suppliers of security software to exclude online search software such as the Federal Trojan from detection. If such a law is ever passed, or a court ruling on this occurs, we will not hesitate to inform our users of this fact. Until then, our behavioral analysis module will not distinguish between so called "good" or "evil" malware. As the user, you will always be able to immediately block any suspicious program."
Have a nice (Malware-free) day!
Your Emsisoft team