fbpx
Wikipedia

ANT catalog

January 31, 2023

The ANT catalog[a] (or TAO catalog) is a classified product catalog by the U.S. National Security Agency (NSA) of which the version written in 2008–2009 was published by German news magazine Der Spiegel in December 2013. Forty-nine catalog pages[b] with pictures, diagrams and descriptions of espionage devices and spying software were published. The items are available to the Tailored Access Operations unit and are mostly targeted at products from US companies such as Apple, Cisco and Dell. The source is believed to be someone different than Edward Snowden, who is largely responsible for the global surveillance disclosures since 2013. Companies whose products could be compromised have denied any collaboration with the NSA in developing these capabilities. In 2014, a project was started to implement the capabilities from the ANT catalog as open-source hardware and software.

ANT catalog

Seal of the NSA/CSS, used on all the catalog pages
Descriptionclassified ANT product catalog for the Tailored Access Operations unit
Original authorNational Security Agency
Number of pages49
Date of catalog sheets2008–2009
PublisherDer Spiegel
Authors of publicationJacob Appelbaum, Christian Stöcker [de] and Judith Horchert
Date of publication30 December 2013
Year of intended declassification2032

Background

The Tailored Access Operations unit has existed since the late 90s. Its mission is to collect intelligence on foreign targets of the United States by hacking into computers and telecommunication networks.[3]

In 2012, Edward Snowden organized a CryptoParty together with Runa Sandvik, a former colleague of Jacob Appelbaum at The Tor Project. In June 2013, Snowden took internal NSA documents which he shared with Glenn Greenwald and Laura Poitras, resulting in the global surveillance disclosures.[4] It has been speculated for years before that capabilities like those in the ANT catalog existed.[1]

Publication

Jacob Appelbaum co-authored the English publication in Der Spiegel with Christian Stöcker [de] and Judith Horchert, which was publicized on 29 December 2013.[1] The related English publication on the same day about the TAO by Der Spiegel was also authored by the same people, and including Laura Poitras, Marcel Rosenbach, Jörg Schindler and Holger Stark.[5] On December 30, Appelbaum gave a lecture about "the militarization of the Internet" at the 30th Chaos Communication Congress in Hamburg, Germany.[6] At the end of his talk, he encouraged NSA employees to leak more documents.[7]

Apple denied the allegations that it collaborated on the development of DROPOUTJEEP in a statement to journalist Arik Hesseldahl from All Things Digital (part of the Wall Street Journal's Digital Network).[8] The Verge questioned how the program developed in later years, since the document was composed in the early period of the iPhone and smartphones in general.[9] Dell denied collaborating with any government in general, including the US government. John Stewart, senior vice president and chief security officer of Cisco stated that they were "deeply concerned and will continue to pursue all avenues to determine if we need to address any new issues." Juniper stated that they were working actively to address any possible exploit paths. Huawei stated they would take appropriate audits to determine if any compromise had taken place and would communicate if that had taken place. NSA declined to comment on the publication by Der Spiegel.[10]

Source

The source who leaked the ANT catalog to the press is unknown as of 2023.

Author James Bamford, who is specialized in the United States intelligence agencies, noted in a commentary article published by Reuters that Appelbaum has not identified the source who leaked the ANT catalog to him, which led people to mistakenly assume it was Edward Snowden. Bamford got unrestricted access to the documents cache from Edward Snowden and could not find any references to the ANT catalog using automated search tools, thereby concluding that the documents were not leaked by him.[11] Security expert Bruce Schneier has stated on his blog that he also believes the ANT catalog did not come from Snowden, but from a second leaker.[12] Officials at the NSA did not believe that the web crawler used by Snowden touched the ANT catalog and started looking for other people who could have leaked the catalog.[13]

Content

The published catalog pages were written between 2008 and 2009. The price of the items ranged from free up to $250,000.

Capabilities in the ANT catalog
Page Code name Description[14] Unit price in US$[c]
  CANDYGRAM Tripwire device that emulates a GSM cellphone tower. 40,000
  COTTONMOUTH-I Family of modified USB and Ethernet connectors that can be used to install Trojan horse software and work as wireless bridges, providing covert remote access to the target machine. COTTONMOUTH-I is a USB plug that uses TRINITY as digital core and HOWLERMONKEY as RF transceiver. 20,300
  COTTONMOUTH-II Can be deployed in a USB socket (rather than plug), and, but requires further integration in the target machine to turn into a deployed system. 4,000
  COTTONMOUTH-III Stacked Ethernet and USB plug 24,960
  CROSSBEAM GSM communications module capable of collecting and compressing voice data 4,000
  CTX4000 Continuous wave radar device that can "illuminate" a target system for recovery of "off net" information. N/A
  CYCLONE-HX9 GSM Base Station Router as a Network-In-a-Box 70,000[d]
  DEITYBOUNCE Technology that installs a backdoor software implant on Dell PowerEdge servers via the motherboard BIOS and RAID controller(s). 0
  DROPOUTJEEP "A software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted." 0
  EBSR Tri-band active GSM base station with internal 802.11/GPS/handset capability 40,000
  ENTOURAGE Direction finding application for GSM, UMTS, CDMA2000 and FRS signals 70,000
  FEEDTROUGH Software that can penetrate Juniper Networks firewalls allowing other NSA-deployed software to be installed on mainframe computers. N/A
  FIREWALK Device that looks identical to a standard RJ45 socket that allows data to be injected, or monitored and transmitted via radio technology. using the HOWLERMONKEY RF transceiver. It can for instance create a VPN to the target computer. 10,740
  GENESIS GSM handset with added software-defined radio features to record the radio frequency spectrum 15,000
  GODSURGE Software implant for a JTAG bus device named FLUXBABBITT which is added to Dell PowerEdge servers during interdiction. GODSURGE installs an implant upon system boot-up using the FLUXBABBITT JTAG interface to the Xeon series CPU. 500[e]
  GINSU Technology that uses a PCI bus device in a computer, and can reinstall itself upon system boot-up. 0
  GOPHERSET GSM software that uses a phone's SIM card's API (SIM Toolkit or STK) to control the phone through remotely sent commands. 0
  GOURMETTROUGH User-configurable persistence implant for certain Juniper Networks firewalls. 0
  HALLUXWATER Back door exploit for Huawei Eudemon firewalls. N/A
  HEADWATER Persistent backdoor technology that can install spyware using a quantum insert capable of infecting spyware at a packet level on Huawei routers. N/A
  HOWLERMONKEY A RF transceiver that makes it possible (in conjunction with digital processors and various implanting methods) to extract data from systems or allow them to be controlled remotely. 750[f]
  IRATEMONK Technology that can infiltrate the firmware of hard drives manufactured by Maxtor, Samsung, Seagate, and Western Digital. 0
  IRONCHEF Technology that can "infect" networks by installing itself in a computer I/O BIOS. IRONCHEF includes also "Straitbizarre" and "Unitedrake" which have been linked to the spy software REGIN.[15] 0
  JUNIORMINT Implant based on an ARM9 core and an FPGA. N/A
  JETPLOW Firmware that can be implanted to create a permanent backdoor in a Cisco PIX series and ASA firewalls. 0
  LOUDAUTO Audio-based RF retro-reflector listening device. 30
  MAESTRO-II Multi-chip module approximately the size of a dime that serves as the hardware core of several other products. The module contains a 66 MHz ARM7 processor, 4 MB of flash, 8 MB of RAM, and a FPGA with 500,000 gates. It replaces the previous generation modules which were based on the HC12 microcontroller. 3,000[g]
  MONKEYCALENDAR Software that transmits a mobile phone's location by hidden text message. 0
  NEBULA Multi-protocol network-in-a-box system. 250,000
  NIGHTSTAND Portable system that installs Microsoft Windows exploits from a distance of up to eight miles over a wireless connection. N/A[h]
  NIGHTWATCH Portable computer used to reconstruct and display video data from VAGRANT signals; used in conjunction with a radar source like the CTX4000 to illuminate the target in order to receive data from it. N/A
  PICASSO Software that can collect mobile phone location data, call metadata, access the phone's microphone to eavesdrop on nearby conversations. 2,000
  PHOTOANGLO A joint NSA/GCHQ project to develop a radar system to replace CTX4000. 40,000
  RAGEMASTER A concealed device that taps the video signal from a target's computer's VGA signal output so the NSA can see what is on a targeted desktop monitor. It is powered by a remote radar and responds by modulating the VGA red signal (which is also sent out most DVI ports) into the RF signal it re-radiates; this method of transmission is codenamed VAGRANT. RAGEMASTER is usually installed/concealed in the ferrite choke of the target cable. The original documents are dated 2008-07-24. Several receiver/demodulating devices are available, e.g. NIGHTWATCH. 30
  SCHOOLMONTANA Software that makes DNT[i] implants persistent on JUNOS-based (FreeBSD-variant) J-series routers/firewalls. N/A
  SIERRAMONTANA Software that makes DNT implants persistent on JUNOS-based M-series routers/firewalls. N/A
  STUCCOMONTANA Software that makes DNT implants persistent on JUNOS-based T-series routers/firewalls. N/A
  SOMBERKNAVE Software that can be implanted on a Windows XP system allowing it to be remotely controlled from NSA headquarters. 50,000
  SOUFFLETROUGH BIOS injection software that can compromise Juniper Networks SSG300 and SSG500 series firewalls. 0
  SPARROW II A small computer intended to be used for WLAN collection, including from UAVs. Hardware: IBM Power PC 405GPR processor, 64 MB SDRAM, 16 MB of built-inflash, 4 mini PCI slots, CompactFlash slot, and 802.11 B/G hardware. Running Linux 2.4 and the BLINDDATE software suite. Unit price (2008): $6K. 6,000
  SURLYSPAWN Keystroke monitor technology that can be used on remote computers that are not internet connected. 30
  SWAP Technology that can reflash the BIOS of multiprocessor systems that run FreeBSD, Linux, Solaris, or Windows. 0
  TAWDRYYARD Radio frequency retroreflector to provide location information. 30
  TOTECHASER Windows CE implant for extracting call logs, contact lists and other information. N/A
  TOTEGHOSTLY Software that can be implanted on a Windows mobile phone allowing full remote control. 0
  TRINITY Multi-chip module using a 180 MHz ARM9 processor, 4 MB of flash, 96 MB of SDRAM, and a FPGA with 1 million gates. Smaller than a penny. 6,250[j]
  TYPHON HX Network-in-a-box for a GSM network with signaling and call control. N/A
  WATERWITCH A portable "finishing tool" that allows the operator to find the precise location of a nearby mobile phone. N/A
  WISTFULTOLL Plugin for collecting information from targets using Windows Management Instrumentation 0

Follow-up developments

Security expert Matt Suiche noted that the software exploits leaked by the Shadow Brokers could be seen as genuine because it matched with names from the ANT catalog.[16] John Bumgarner has stated to IEEE Spectrum that US government suspicion of Huawei is based on its own ability to add backdoors as shown in the ANT catalog.[17]

NSA Playset

The NSA Playset is an open-source project inspired by the NSA ANT catalog to create more accessible and easy to use tools for security researchers.[18] Most of the surveillance tools can be recreated with off-the-shelf or open-source hardware and software. Thus far, the NSA Playset consists of fourteen items, for which the code and instructions can be found online on the project's homepage. After the initial leak, Michael Ossman, the founder of Great Scott Gadgets, gave a shout out to other security researchers to start working on the tools mentioned in the catalog and to recreate them. The name NSA Playset came originally from Dean Pierce, who is also a contributor (TWILIGHTVEGETABLE(GSM)) to the NSA Playset. Anyone is invited to join and contribute their own device. The requisites for an addition to the NSA Playset is a similar or already existing NSA ANT project, ease of use and a silly name (based on the original tool's name if possible). The silly name requisite is a rule that Michael Ossman himself came up with and an example is given on the project's website: "For example, if your project is similar to FOXACID, maybe you could call it COYOTEMETH." The ease of use part stems also from the NSA Playset's motto: "If a 10 year old can't do it, it doesn't count!"[18][19][20][21]

Name[22] Description[21]
TWILIGHTVEGETABLE a boot image for GSM communication monitoring.
LEVITICUS a hand held GSM frequency analyzer disguised as a Motorola phone; named after GENESIS.
DRIZZLECHAIR a hard drive with all the needed tools to crack A5/1 including the rainbow tables.
PORCUPINEMASQUERADE a passive Wi-Fi reconnaissance drone.
KEYSWEEPER a keylogger in form of a USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM).
SLOTSCREAMER a PCI hardware implant, which can access memory and IO.
ADAPTERNOODLE a USB exploitation device.
CHUKWAGON uses a pin on a computer's VGA port to attack via the I²C bus accessing the computer's operating system.
TURNIPSCHOOL a hardware implant concealed in a USB cable which provides short range radio frequency communication capability to software running on the host computer.
BLINKERCOUGH a hardware implant that is embedded in a VGA cable which allows data exfiltration.
SAVIORBURST a hardware implant exploiting the JTAG interface for software application persistence; named after GODSURGE. FLUXBABBIT is replaced by SOLDERPEEK.
CACTUSTUTU Portable system that enables wireless installation of Microsoft Windows exploits; covers NIGHTSTAND.
TINYALAMO software that targets BLE (Bluetooth Low Energy) and allows keystroke surveillance (keylogger) and injection.
CONGAFLOCK Radio frequency retroreflector intended for experimentation. Intended use would be the implantation into a cable and data exfiltration based on radio reflectivity of the device.(FLAMENCOFLOCK (PS/2), TANGOFLOCK (USB), SALSAFLOCK (VGA) are retroreflectors with specific interfaces to test data exfiltration.)

See also

Explanatory notes

  1. ^ Whether ANT stands for Advanced Network Technology or Access Network Technology is not known.[1]
  2. ^ The article from Der Spiegel notes that it is a "50-page document" and that "nearly 50 pages" are published. The gallery contains 49 pages. Der Spiegel also noted that the document is likely far from complete.[2]
  3. ^ If the price is listed in bulk, a calculation is made to get the unit price
  4. ^ For two months
  5. ^ Including installation costs
  6. ^ When ordering 25 units, the price per item is US$1000
  7. ^ Up to 4,000
  8. ^ Varies from platform to platform
  9. ^ Data Network Technologies, a division of the Tailored Access Operations
  10. ^ 100 units for 625,000

References

  1. ^ a b c Appelbaum, Jacob; Horchert, Judith; Stöcker, Christian (2013-12-29). "Catalog Advertises NSA Toolbox". Der Spiegel. ISSN 2195-1349. from the original on 2014-01-04. Retrieved 2021-12-21.
  2. ^ Appelbaum, Jacob (2013-12-30). "Unit Offers Spy Gadgets for Every Need". Der Spiegel. ISSN 2195-1349. from the original on 2022-04-11. Retrieved 2022-04-11.
  3. ^ Aid, Matthew M. "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. from the original on 2022-02-12. Retrieved 2022-02-12.
  4. ^ Kelley, Michael B. "We Now Know A Lot More About Edward Snowden's Epic Heist — And It's Troubling". Business Insider. from the original on 2022-04-06. Retrieved 2022-04-06.
  5. ^ "Documents Reveal Top NSA Hacking Unit". Der Spiegel. 2013-12-29. ISSN 2195-1349. from the original on 2019-02-06. Retrieved 2022-02-09.
  6. ^ "Vortrag: To Protect And Infect, Part 2 - The militarization of the Internet". ccc.de. from the original on 2021-11-02. Retrieved 2021-12-18.
  7. ^ Storm, Darlene (3 January 2014). "17 exploits the NSA uses to hack PCs, routers and servers for surveillance". Computerworld. from the original on 2021-12-18. Retrieved 2021-12-18.
  8. ^ Hesseldahl, Arik. "Apple Denies Working with NSA on iPhone Backdoor". AllThingsD. from the original on 2022-02-24. Retrieved 2021-12-18.
  9. ^ Robertson, Adi (2013-12-31). "Apple denies any knowledge of NSA's iPhone surveillance implant". The Verge. from the original on 2021-12-18. Retrieved 2021-12-18.
  10. ^ Bent, Kristin; Spring, Tom (2013-12-30). "Dell, Cisco 'Deeply Concerned' Over NSA Backdoor Exploit Allegations". CRN. from the original on 2022-04-07. Retrieved 2022-04-08.
  11. ^ Bamford, James (2016-08-22). "Commentary: Evidence points to another Snowden at the NSA". Reuters. from the original on 2022-02-24. Retrieved 2022-02-09.
  12. ^ Pasick, Adam (4 July 2014). . Quartz. Archived from the original on 23 October 2014. Retrieved 7 February 2022.
  13. ^ Sanger, David E. (2018). The perfect weapon: war, sabotage, and fear in the cyber age (1st ed.). New York: Crown Publishing Group. p. 74. ISBN 978-0-451-49789-5. OCLC 1039082430.
  14. ^ . Der Spiegel. 2013-12-30. Archived from the original on 2014-01-02. Retrieved 2022-04-07.
  15. ^ Stöcker, Christian; Rosenbach, Marcel (25 November 2014). "Trojaner Regin ist ein Werkzeug von NSA und GCHQ". Spiegel Online (in German). from the original on 28 November 2014. Retrieved 2 February 2015.
  16. ^ Hackett, Robert. "Hackers Have Allegedly Stolen NSA-Linked 'Cyber Weapons' and Are Auctioning Them Off". Fortune. from the original on 2021-12-18. Retrieved 2021-12-18.
  17. ^ Hsu, Jeremy (2014-03-26). "U.S. Suspicions of China's Huawei Based Partly on NSA's Own Spy Tricks". IEEE Spectrum. from the original on 2021-12-21. Retrieved 2021-12-21.
  18. ^ a b Lucy Teitler (November 17, 2014). "Let's Play NSA! The Hackers Open-Sourcing Top Secret Spy Tools". Vice Motherboard. from the original on February 25, 2017. Retrieved June 14, 2017.
  19. ^ Violet Blue (June 11, 2014). "NSA Playset invites hackers to 'play along with the NSA'". ZDNet. from the original on June 19, 2017. Retrieved June 15, 2017.
  20. ^ Michael Ossmann (July 31, 2014). "The NSA Playset". Mossman's blog. from the original on December 28, 2017. Retrieved June 14, 2017.
  21. ^ a b Sean Gallagher (August 11, 2015). "The NSA Playset: Espionage tools for the rest of us". Ars Technica. from the original on September 22, 2017. Retrieved June 14, 2017.
  22. ^ "NSA Playset homepage". www.nsaplayset.org.

Further reading

  • Koop, Peter. "Leaked documents that were not attributed to Snowden". Electrospaces.net. from the original on 2022-02-24. Retrieved 2022-04-12.

External links

 
Wikimedia Commons has media related to NSA ANT.
  • NSA Playset wiki
  • The NSA Playset a Year of toys and tools at Black Hat 2015
  • NSA Playset at Toorcamp 2014

January 31, 2023
catalog, catalog, classified, product, catalog, national, security, agency, which, version, written, 2008, 2009, published, german, news, magazine, spiegel, december, 2013, forty, nine, catalog, pages, with, pictures, diagrams, descriptions, espionage, devices. The ANT catalog a or TAO catalog is a classified product catalog by the U S National Security Agency NSA of which the version written in 2008 2009 was published by German news magazine Der Spiegel in December 2013 Forty nine catalog pages b with pictures diagrams and descriptions of espionage devices and spying software were published The items are available to the Tailored Access Operations unit and are mostly targeted at products from US companies such as Apple Cisco and Dell The source is believed to be someone different than Edward Snowden who is largely responsible for the global surveillance disclosures since 2013 Companies whose products could be compromised have denied any collaboration with the NSA in developing these capabilities In 2014 a project was started to implement the capabilities from the ANT catalog as open source hardware and software ANT catalogSeal of the NSA CSS used on all the catalog pagesDescriptionclassified ANT product catalog for the Tailored Access Operations unitOriginal authorNational Security AgencyNumber of pages49Date of catalog sheets2008 2009PublisherDer SpiegelAuthors of publicationJacob Appelbaum Christian Stocker de and Judith HorchertDate of publication30 December 2013Year of intended declassification2032 Contents 1 Background 2 Publication 2 1 Source 2 2 Content 3 Follow up developments 3 1 NSA Playset 4 See also 5 Explanatory notes 6 References 7 Further reading 8 External linksBackground EditThe Tailored Access Operations unit has existed since the late 90s Its mission is to collect intelligence on foreign targets of the United States by hacking into computers and telecommunication networks 3 In 2012 Edward Snowden organized a CryptoParty together with Runa Sandvik a former colleague of Jacob Appelbaum at The Tor Project In June 2013 Snowden took internal NSA documents which he shared with Glenn Greenwald and Laura Poitras resulting in the global surveillance disclosures 4 It has been speculated for years before that capabilities like those in the ANT catalog existed 1 Publication EditJacob Appelbaum co authored the English publication in Der Spiegel with Christian Stocker de and Judith Horchert which was publicized on 29 December 2013 1 The related English publication on the same day about the TAO by Der Spiegel was also authored by the same people and including Laura Poitras Marcel Rosenbach Jorg Schindler and Holger Stark 5 On December 30 Appelbaum gave a lecture about the militarization of the Internet at the 30th Chaos Communication Congress in Hamburg Germany 6 At the end of his talk he encouraged NSA employees to leak more documents 7 Apple denied the allegations that it collaborated on the development of DROPOUTJEEP in a statement to journalist Arik Hesseldahl from All Things Digital part of the Wall Street Journal s Digital Network 8 The Verge questioned how the program developed in later years since the document was composed in the early period of the iPhone and smartphones in general 9 Dell denied collaborating with any government in general including the US government John Stewart senior vice president and chief security officer of Cisco stated that they were deeply concerned and will continue to pursue all avenues to determine if we need to address any new issues Juniper stated that they were working actively to address any possible exploit paths Huawei stated they would take appropriate audits to determine if any compromise had taken place and would communicate if that had taken place NSA declined to comment on the publication by Der Spiegel 10 Source Edit The source who leaked the ANT catalog to the press is unknown as of 2023 Author James Bamford who is specialized in the United States intelligence agencies noted in a commentary article published by Reuters that Appelbaum has not identified the source who leaked the ANT catalog to him which led people to mistakenly assume it was Edward Snowden Bamford got unrestricted access to the documents cache from Edward Snowden and could not find any references to the ANT catalog using automated search tools thereby concluding that the documents were not leaked by him 11 Security expert Bruce Schneier has stated on his blog that he also believes the ANT catalog did not come from Snowden but from a second leaker 12 Officials at the NSA did not believe that the web crawler used by Snowden touched the ANT catalog and started looking for other people who could have leaked the catalog 13 Content Edit The published catalog pages were written between 2008 and 2009 The price of the items ranged from free up to 250 000 Capabilities in the ANT catalog Page Code name Description 14 Unit price in US c CANDYGRAM Tripwire device that emulates a GSM cellphone tower 40 000 COTTONMOUTH I Family of modified USB and Ethernet connectors that can be used to install Trojan horse software and work as wireless bridges providing covert remote access to the target machine COTTONMOUTH I is a USB plug that uses TRINITY as digital core and HOWLERMONKEY as RF transceiver 20 300 COTTONMOUTH II Can be deployed in a USB socket rather than plug and but requires further integration in the target machine to turn into a deployed system 4 000 COTTONMOUTH III Stacked Ethernet and USB plug 24 960 CROSSBEAM GSM communications module capable of collecting and compressing voice data 4 000 CTX4000 Continuous wave radar device that can illuminate a target system for recovery of off net information N A CYCLONE HX9 GSM Base Station Router as a Network In a Box 70 000 d DEITYBOUNCE Technology that installs a backdoor software implant on Dell PowerEdge servers via the motherboard BIOS and RAID controller s 0 DROPOUTJEEP A software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality This functionality includes the ability to remotely push pull files from the device SMS retrieval contact list retrieval voicemail geolocation hot mic camera capture cell tower location etc Command control and data exfiltration can occur over SMS messaging or a GPRS data connection All communications with the implant will be covert and encrypted 0 EBSR Tri band active GSM base station with internal 802 11 GPS handset capability 40 000 ENTOURAGE Direction finding application for GSM UMTS CDMA2000 and FRS signals 70 000 FEEDTROUGH Software that can penetrate Juniper Networks firewalls allowing other NSA deployed software to be installed on mainframe computers N A FIREWALK Device that looks identical to a standard RJ45 socket that allows data to be injected or monitored and transmitted via radio technology using the HOWLERMONKEY RF transceiver It can for instance create a VPN to the target computer 10 740 GENESIS GSM handset with added software defined radio features to record the radio frequency spectrum 15 000 GODSURGE Software implant for a JTAG bus device named FLUXBABBITT which is added to Dell PowerEdge servers during interdiction GODSURGE installs an implant upon system boot up using the FLUXBABBITT JTAG interface to the Xeon series CPU 500 e GINSU Technology that uses a PCI bus device in a computer and can reinstall itself upon system boot up 0 GOPHERSET GSM software that uses a phone s SIM card s API SIM Toolkit or STK to control the phone through remotely sent commands 0 GOURMETTROUGH User configurable persistence implant for certain Juniper Networks firewalls 0 HALLUXWATER Back door exploit for Huawei Eudemon firewalls N A HEADWATER Persistent backdoor technology that can install spyware using a quantum insert capable of infecting spyware at a packet level on Huawei routers N A HOWLERMONKEY A RF transceiver that makes it possible in conjunction with digital processors and various implanting methods to extract data from systems or allow them to be controlled remotely 750 f IRATEMONK Technology that can infiltrate the firmware of hard drives manufactured by Maxtor Samsung Seagate and Western Digital 0 IRONCHEF Technology that can infect networks by installing itself in a computer I O BIOS IRONCHEF includes also Straitbizarre and Unitedrake which have been linked to the spy software REGIN 15 0 JUNIORMINT Implant based on an ARM9 core and an FPGA N A JETPLOW Firmware that can be implanted to create a permanent backdoor in a Cisco PIX series and ASA firewalls 0 LOUDAUTO Audio based RF retro reflector listening device 30 MAESTRO II Multi chip module approximately the size of a dime that serves as the hardware core of several other products The module contains a 66 MHz ARM7 processor 4 MB of flash 8 MB of RAM and a FPGA with 500 000 gates It replaces the previous generation modules which were based on the HC12 microcontroller 3 000 g MONKEYCALENDAR Software that transmits a mobile phone s location by hidden text message 0 NEBULA Multi protocol network in a box system 250 000 NIGHTSTAND Portable system that installs Microsoft Windows exploits from a distance of up to eight miles over a wireless connection N A h NIGHTWATCH Portable computer used to reconstruct and display video data from VAGRANT signals used in conjunction with a radar source like the CTX4000 to illuminate the target in order to receive data from it N A PICASSO Software that can collect mobile phone location data call metadata access the phone s microphone to eavesdrop on nearby conversations 2 000 PHOTOANGLO A joint NSA GCHQ project to develop a radar system to replace CTX4000 40 000 RAGEMASTER A concealed device that taps the video signal from a target s computer s VGA signal output so the NSA can see what is on a targeted desktop monitor It is powered by a remote radar and responds by modulating the VGA red signal which is also sent out most DVI ports into the RF signal it re radiates this method of transmission is codenamed VAGRANT RAGEMASTER is usually installed concealed in the ferrite choke of the target cable The original documents are dated 2008 07 24 Several receiver demodulating devices are available e g NIGHTWATCH 30 SCHOOLMONTANA Software that makes DNT i implants persistent on JUNOS based FreeBSD variant J series routers firewalls N A SIERRAMONTANA Software that makes DNT implants persistent on JUNOS based M series routers firewalls N A STUCCOMONTANA Software that makes DNT implants persistent on JUNOS based T series routers firewalls N A SOMBERKNAVE Software that can be implanted on a Windows XP system allowing it to be remotely controlled from NSA headquarters 50 000 SOUFFLETROUGH BIOS injection software that can compromise Juniper Networks SSG300 and SSG500 series firewalls 0 SPARROW II A small computer intended to be used for WLAN collection including from UAVs Hardware IBM Power PC 405GPR processor 64 MB SDRAM 16 MB of built inflash 4 mini PCI slots CompactFlash slot and 802 11 B G hardware Running Linux 2 4 and the BLINDDATE software suite Unit price 2008 6K 6 000 SURLYSPAWN Keystroke monitor technology that can be used on remote computers that are not internet connected 30 SWAP Technology that can reflash the BIOS of multiprocessor systems that run FreeBSD Linux Solaris or Windows 0 TAWDRYYARD Radio frequency retroreflector to provide location information 30 TOTECHASER Windows CE implant for extracting call logs contact lists and other information N A TOTEGHOSTLY Software that can be implanted on a Windows mobile phone allowing full remote control 0 TRINITY Multi chip module using a 180 MHz ARM9 processor 4 MB of flash 96 MB of SDRAM and a FPGA with 1 million gates Smaller than a penny 6 250 j TYPHON HX Network in a box for a GSM network with signaling and call control N A WATERWITCH A portable finishing tool that allows the operator to find the precise location of a nearby mobile phone N A WISTFULTOLL Plugin for collecting information from targets using Windows Management Instrumentation 0Follow up developments EditSecurity expert Matt Suiche noted that the software exploits leaked by the Shadow Brokers could be seen as genuine because it matched with names from the ANT catalog 16 John Bumgarner has stated to IEEE Spectrum that US government suspicion of Huawei is based on its own ability to add backdoors as shown in the ANT catalog 17 NSA Playset Edit The NSA Playset is an open source project inspired by the NSA ANT catalog to create more accessible and easy to use tools for security researchers 18 Most of the surveillance tools can be recreated with off the shelf or open source hardware and software Thus far the NSA Playset consists of fourteen items for which the code and instructions can be found online on the project s homepage After the initial leak Michael Ossman the founder of Great Scott Gadgets gave a shout out to other security researchers to start working on the tools mentioned in the catalog and to recreate them The name NSA Playset came originally from Dean Pierce who is also a contributor TWILIGHTVEGETABLE GSM to the NSA Playset Anyone is invited to join and contribute their own device The requisites for an addition to the NSA Playset is a similar or already existing NSA ANT project ease of use and a silly name based on the original tool s name if possible The silly name requisite is a rule that Michael Ossman himself came up with and an example is given on the project s website For example if your project is similar to FOXACID maybe you could call it COYOTEMETH The ease of use part stems also from the NSA Playset s motto If a 10 year old can t do it it doesn t count 18 19 20 21 Name 22 Description 21 TWILIGHTVEGETABLE a boot image for GSM communication monitoring LEVITICUS a hand held GSM frequency analyzer disguised as a Motorola phone named after GENESIS DRIZZLECHAIR a hard drive with all the needed tools to crack A5 1 including the rainbow tables PORCUPINEMASQUERADE a passive Wi Fi reconnaissance drone KEYSWEEPER a keylogger in form of a USB wall charger that wirelessly and passively sniffs decrypts logs and reports back over GSM SLOTSCREAMER a PCI hardware implant which can access memory and IO ADAPTERNOODLE a USB exploitation device CHUKWAGON uses a pin on a computer s VGA port to attack via the I C bus accessing the computer s operating system TURNIPSCHOOL a hardware implant concealed in a USB cable which provides short range radio frequency communication capability to software running on the host computer BLINKERCOUGH a hardware implant that is embedded in a VGA cable which allows data exfiltration SAVIORBURST a hardware implant exploiting the JTAG interface for software application persistence named after GODSURGE FLUXBABBIT is replaced by SOLDERPEEK CACTUSTUTU Portable system that enables wireless installation of Microsoft Windows exploits covers NIGHTSTAND TINYALAMO software that targets BLE Bluetooth Low Energy and allows keystroke surveillance keylogger and injection CONGAFLOCK Radio frequency retroreflector intended for experimentation Intended use would be the implantation into a cable and data exfiltration based on radio reflectivity of the device FLAMENCOFLOCK PS 2 TANGOFLOCK USB SALSAFLOCK VGA are retroreflectors with specific interfaces to test data exfiltration See also EditCyberwarfare in the United States Equation Group MiniPanzer and MegaPanzer Stuxnet WARRIOR PRIDEExplanatory notes Edit Whether ANT stands for Advanced Network Technology or Access Network Technology is not known 1 The article from Der Spiegel notes that it is a 50 page document and that nearly 50 pages are published The gallery contains 49 pages Der Spiegel also noted that the document is likely far from complete 2 If the price is listed in bulk a calculation is made to get the unit price For two months Including installation costs When ordering 25 units the price per item is US 1000 Up to 4 000 Varies from platform to platform Data Network Technologies a division of the Tailored Access Operations 100 units for 625 000References Edit a b c Appelbaum Jacob Horchert Judith Stocker Christian 2013 12 29 Catalog Advertises NSA Toolbox Der Spiegel ISSN 2195 1349 Archived from the original on 2014 01 04 Retrieved 2021 12 21 Appelbaum Jacob 2013 12 30 Unit Offers Spy Gadgets for Every Need Der Spiegel ISSN 2195 1349 Archived from the original on 2022 04 11 Retrieved 2022 04 11 Aid Matthew M Inside the NSA s Ultra Secret China Hacking Group Foreign Policy Archived from the original on 2022 02 12 Retrieved 2022 02 12 Kelley Michael B We Now Know A Lot More About Edward Snowden s Epic Heist And It s Troubling Business Insider Archived from the original on 2022 04 06 Retrieved 2022 04 06 Documents Reveal Top NSA Hacking Unit Der Spiegel 2013 12 29 ISSN 2195 1349 Archived from the original on 2019 02 06 Retrieved 2022 02 09 Vortrag To Protect And Infect Part 2 The militarization of the Internet ccc de Archived from the original on 2021 11 02 Retrieved 2021 12 18 Storm Darlene 3 January 2014 17 exploits the NSA uses to hack PCs routers and servers for surveillance Computerworld Archived from the original on 2021 12 18 Retrieved 2021 12 18 Hesseldahl Arik Apple Denies Working with NSA on iPhone Backdoor AllThingsD Archived from the original on 2022 02 24 Retrieved 2021 12 18 Robertson Adi 2013 12 31 Apple denies any knowledge of NSA s iPhone surveillance implant The Verge Archived from the original on 2021 12 18 Retrieved 2021 12 18 Bent Kristin Spring Tom 2013 12 30 Dell Cisco Deeply Concerned Over NSA Backdoor Exploit Allegations CRN Archived from the original on 2022 04 07 Retrieved 2022 04 08 Bamford James 2016 08 22 Commentary Evidence points to another Snowden at the NSA Reuters Archived from the original on 2022 02 24 Retrieved 2022 02 09 Pasick Adam 4 July 2014 The NSA may have another leaker on its hands Quartz Archived from the original on 23 October 2014 Retrieved 7 February 2022 Sanger David E 2018 The perfect weapon war sabotage and fear in the cyber age 1st ed New York Crown Publishing Group p 74 ISBN 978 0 451 49789 5 OCLC 1039082430 Interactive Graphic The NSA s Spy Catalog Der Spiegel 2013 12 30 Archived from the original on 2014 01 02 Retrieved 2022 04 07 Stocker Christian Rosenbach Marcel 25 November 2014 Trojaner Regin ist ein Werkzeug von NSA und GCHQ Spiegel Online in German Archived from the original on 28 November 2014 Retrieved 2 February 2015 Hackett Robert Hackers Have Allegedly Stolen NSA Linked Cyber Weapons and Are Auctioning Them Off Fortune Archived from the original on 2021 12 18 Retrieved 2021 12 18 Hsu Jeremy 2014 03 26 U S Suspicions of China s Huawei Based Partly on NSA s Own Spy Tricks IEEE Spectrum Archived from the original on 2021 12 21 Retrieved 2021 12 21 a b Lucy Teitler November 17 2014 Let s Play NSA The Hackers Open Sourcing Top Secret Spy Tools Vice Motherboard Archived from the original on February 25 2017 Retrieved June 14 2017 Violet Blue June 11 2014 NSA Playset invites hackers to play along with the NSA ZDNet Archived from the original on June 19 2017 Retrieved June 15 2017 Michael Ossmann July 31 2014 The NSA Playset Mossman s blog Archived from the original on December 28 2017 Retrieved June 14 2017 a b Sean Gallagher August 11 2015 The NSA Playset Espionage tools for the rest of us Ars Technica Archived from the original on September 22 2017 Retrieved June 14 2017 NSA Playset homepage www nsaplayset org Further reading EditKoop Peter Leaked documents that were not attributed to Snowden Electrospaces net Archived from the original on 2022 02 24 Retrieved 2022 04 12 External links Edit Wikimedia Commons has media related to NSA ANT NSA Playset wiki The NSA Playset a Year of toys and tools at Black Hat 2015 NSA Playset at Toorcamp 2014 Retrieved from https en wikipedia org w index php title ANT catalog amp oldid 1131344489, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.