For more than two years, researchers and rights activists have tracked the proliferation and abuse of computer spyware that can watch people in their homes and intercept their e-mails. Now they’ve built a tool that can help the targets protect themselves.
The free, downloadable software, called Detekt, searches computers for the presence of malicious programs that have been built to evade detection. The spyware ranges from government-grade products used by intelligence and police agencies to hacker staples known as RATs—remote administration tools. Detekt, which was developed by security researcher Claudio Guarnieri, is being released in a partnership with advocacy groups Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation, and Privacy International.
Guarnieri says his tool finds hidden spy programs by seeking unique patterns on computers that indicate a specific piece of malware is running. He warns users not to expect his program (which is available only for Windows machines) to find all spyware, and notes that the release of Detekt could spur malware developers to further cloak their code.
The use of the programs—which can remotely turn on webcams and track keystrokes—gained attention as researchers increasingly found the spyware being used to target political activists and journalists. In Syria, dissidents have been attacked by malware delivered through fake documents sent via Skype (MSFT). In Washington and London, Bahraini democracy activists received e-mails laced with what was identified as the German-made FinSpy Trojan. In Ethiopia, another hacking tool made multiple attempts against employees of an independent media company, according to a probe by Guarnieri and security researchers Morgan Marquis-Boire, Bill Marczak, and John Scott-Railton.
The new safeguard comes amid fresh reminders of pervasive electronic snooping around the globe. Just this week, London-based Privacy International published a 96-page report detailing surveillance capabilities of Central Asian republics and the companies that supply them.