Somewhere between the cyber espionage that outed the US as Big Brother Inc and the phone-hacking scandal that sank Rupert Murdoch’s British form of journalism, the real news of the world may be Spies ‘R’ Us.

There is now enough equipment available via the internet to turn anybody into their own James and Ja’mie Bonds.

The US/Murdoch shenanigans – plus the report that some embassies are being used to intercept Asian phone calls and data as part of a US-global spying network – came courtesy of high-end, high-tech gear operated by highly experienced pros.

But people can buy lots of devices – mobile phone monitors, listening bugs, night-vision cameras, vehicle tracking equipment, thermal imaging cameras, video cameras hidden in pens, flashlight/stun guns and a hundred other pieces of equipment – that are relatively cheap and light years removed from the invisible ink and shortwave radio of the spy craft of yesteryear.

Private detectives say the rise of the spy gear trade came out of the spouse-busting business.

“It was helpful in divorce cases but quickly became evident how useful this sort of equipment is in various situations,” one former NSW Australian police officer said. “The whole business got a huge kick along after 9/11 when heightened fears made everybody just a little bit scared of things they never once feared.”

The US is taking flak now because of reports its National Security Agency monitored German Chancellor Angela Merkel’s mobile phone. It’s a fine irony. Ms Merkel once recalled her parents were nervous whenever she talked for too long on the phone. “Hang up! The Stasi is listening and it’s all being recorded,” her mother said, according to one biography.

Coincidentally, as the Merkel revelations raged, Russia was forced to deny Italian reports that it had equipped USB flash drives and mobile phone charging cables, given to foreign delegates to the G20 meeting at St Petersburg in September, with technology to retrieve data from computers and telephones.

Meanwhile, whistleblower Thomas Drake, a former senior executive at the NSA, told the ABC this week it was alarming that a nation would spy on those it considered an ally.

“Spying on others is considered the world’s second oldest profession and so the idea that nation states would engage in spying on others is no surprise, not at all,” he said.

“I think what’s particularly pernicious here is the fact we’re actually listening on the personal communications of the highest levels of governments in countries that are supposed to be our allies and are actually partnered with us in ensuring that we deal and defend against threats to international order and stability.”

Since humans started building empires and information considered secret or confidential was obtained without permission, people have been calling military intelligence an oxymoron.

But it took the British to turn spying into high romance. At empire high noon, the 1903 novel The Riddle of the Sands: A Record of Secret Service by Erskine Childers established the spy thriller. Half a century later, as the sun set on empire, John le Carré’s George Smiley and Ian Fleming’s James Bond kept the Union Jack fluttering.

But Smiley’s pragmatic calculations and Bond’s louche bedroom antics have been replaced in real life by high-tech cloak and dagger and, as WikiLeaks and Edward Snowden prove, the rise of Everyman espionage.

The methods

Hidden cameras
Commercially available, can operate in low light conditions and detect motion.

Hidden camera detector
Scans for power use, transmissions or even low levels of light reflected back from a tiny camera lens.

GPS trackers
Can be attached magnetically to vehicles. Battery powered to operate for weeks.

Directional microphones
Magnify sound from a long distance away and store it in a digital recording device.

Camera glasses
Miniature cameras attached to sunglasses can covertly record anything in line of sight.

Australia’s electronic spy agency reportedly has access to a top secret program that has successfully cracked the encryption used by hundreds of millions of people to protect the privacy of their emails, phone calls and online business transactions.

Documents disclosed by US intelligence whistleblower Edward Snowden reveal the program run by the US National Security Agency, codenamed Bullrun, has been used to secretly descramble high-level internet security systems globally.

They show the NSA and British Government Communications Headquarters (GCHQ) have successfully cracked the encryption used in personal communications such as email and telephone calls as well as global commerce and banking systems.

An undated “briefing sheet” on the program, provided to British analysts when they are cleared for access to Bullrun, was published on Friday in The New York Times and The Guardian newspapers.

It states that the Australian Signals Directorate – until recently called the Defence Signals Directorate (DSD) – was expected to be granted access.

“In recent years there has been an aggressive effort, lead [sic] by NSA, to make major improvements in defeating network security and privacy involving multiple sources and methods, all of which are extremely sensitive and fragile,” the briefing paper says.

“These include: Computer Network Exploitation (CNE); collaboration with other intelligence agencies; investment in high performance computers; and development of advanced mathematical techniques.”

It explains the British intelligence agency, GCHQ, “is also introducing BULLRUN … CSEC, DSD and GCSB are expected to do likewise”.

The New York Times reported that the full extent of the NSA’s decryption capabilities – including Bullrun – is only shared with members of the so-called “Five Eyes”: the NSA and equivalent agencies in Britain, Canada, Australia and New Zealand.

The newspaper reported documents disclosed by Mr Snowden reveal the NSA has “circumvented or cracked” much of the encryption that automatically protects emails, web searches and phone calls.

The Guardian reported the documents reveal Britain’s GCHQ has been working on ways to unscramble encryption used by service providers Hotmail, Google, Yahoo and Facebook.

Last month it emerged, in other documents released by Mr Snowden, that the Australian Signals Directorate is in a partnership with British, American and Singaporean intelligence agencies to tap undersea fibre-optic telecommunications cables that link Asia, the Middle East and Europe. The cables carry much of Australia’s international phone and internet traffic.

In May, Mr Snowden, a former contractor for the NSA, disclosed documents revealing efforts by the US agency to track telephone conversations and internet traffic globally.


WikiLeaks releases documents on global surveillance industry


WikiLeaks has stepped up its campaign to expose the global surveillance industry with the release of a new collection of sensitive documents from private intelligence and information technology companies.

The transparency group has published 294 documents from 92 contractor firms providing surveillance and intelligence technology to governments around the world.

WikiLeaks publisher Julian Assange said “Spy Files 3”, the third tranche of documents released on the subject, was part of his organisation’s “ongoing commitment to shining a light on the secretive mass surveillance industry”.

“The files form a valuable resource for journalists and citizens alike, detailing and explaining how secretive state intelligence agencies are merging with the corporate world in their bid to harvest all human electronic communication,” he said.

The released documents include sensitive sales brochures and presentations used by companies to encourage security, intelligence and police services to acquire surveillance systems and services. Technologies on offer include “lawful interception” systems, mass telecommunications monitoring, network recording, signals and communications intelligence and listening devices.

The WikiLeaks release shows internet spying capabilities now being sold on the intelligence market include detecting encrypted and obfuscated internet usage such as Skype, BitTorrent, VPN, SSH and SSL. The documents also reveal how contractors work with intelligence and police agencies to obtain decryption keys.

The documents detail bulk interception methods for voice, SMS, MMS, email, fax and satellite phone communications. The released documents also show intelligence contractors are selling capabilities to analyse web and mobile interceptions in real-time.

One 2011 document shows how companies such as British-based Gamma Group, German-based Desoma and Swiss-based Dreamlab are working in concert to “create Telecommunications Intelligence Systems for different telecommunications networks to fulfil the customers’ needs” regarding “massive data interception and retention”.

Other documents in the release show evidence of these technologies being used to infect users in Oman with remote-controlled spyware. The FinFly ‘iProxy’ installation by Dreamlab shows how targets are identified and malware is covertly inserted alongside a legitimate download while keeping the intended download functioning as expected. The target identification methods mean that anybody connecting through the same network would be systematically and automatically intercepted and infected as well, even unintended targets.

British-based privacy advocacy organisation Privacy International said the latest WikiLeaks release “further reveals the extent of which Western corporations are equipping repressive regimes and non-democratic governments to target activists, journalists, and human rights defenders”.

“Unequivocally, the newest ‘Spy Files’ documents show that this dark industry only continues to grow, in both technical capability and customer base, all while amassing billions in profits off the suffering of individuals,” Privacy International researcher Kenneth Page said.

“The types of surveillance being marketed by these companies represent some of the most sophisticated technologies available – whether it’s intrusion software, data mining, Trojans, location tracking, deep packet inspection, facial recognition or mass monitoring,” he said.

“And just like an advertisement you would see on television or in a magazine, spy firms are marketing these tools with flashy graphics, sales-speak and guarantees on effectiveness. It’s quite jarring to see such dangerous technologies being presented in such an unthreatening fashion, given that these products represent one of the biggest threats to human rights in the 21st century.”

The global trade of surveillance technology is estimated to be worth up to $US5 billion ($5.5 billion) a year. By comparison, the “traditional” global trade in small arms (excluding the sale of ammunition) was worth $US4 billion a year.

WikiLeaks has also published information on the movement of private intelligence corporate executives and sales personnel, thereby revealing the geographical focus of their activities.

Mr Assange said the WikiLeaks “Counter Intelligence Unit” has been “tracking the trackers”.

“The WikiLeaks Counter Intelligence Unit (WLCIU) operates to defend WikiLeaks’ assets, staff and sources, and, more broadly, to counter threats against investigative journalism and the public’s right to know,” he said. “The WLCIU has collected data on the movements of key players in the surveillance contractor industry, including senior employees of Gamma, Hacking Team and others as they travel through Azerbaijan, Bahrain, Brazil, Spain, Mexico and other countries.”

No further details of the new unit have been revealed. However, it is a matter of public record that former US intelligence contractor turned whistle-blower Edward Snowden has been associated with WikiLeaks since his travel from Hong Kong to Russia in June.


Henry Sapiecha



(Reuters) – If you want to hack a phone, order a cyber attack on a competitor’s website or buy a Trojan program to steal banking information, look no further than the former Soviet Union.

An employee works near screens in the virus lab at the headquarters of Russian cyber security company Kaspersky Labs in Moscow

The breadth and sophistication of services sold on Russian-language websites such as Forum.zloy.bz or Forum.evil offer a small window onto a Russian criminal underground that is costing Western firms billions of dollars in credit card and online banking fraud as well as “phishing” attempts to lure people into downloading malware or disclosing passwords.

“If you look at the quantity of malware attacks, the leaders are China, Latin America and then Eastern Europe, but in terms of quality then Russia is probably the leader,” said Vitaly Kamluk, a cyber security researcher in Moscow.

Two of the five most wanted men in the United States for cyber crime are Russian, and one is from Latvia, which used to be part of the Soviet Union.

Russians were also behind the biggest cyber crime case in U.S. history. Federal prosecutors named four Russians and a Ukrainian in a banking card fraud spree that cost companies including J.C. Penney Co, JetBlue Airways Corp and French retailer Carrefour SA more than $300 million.

The risk of being prosecuted is so low it does little to dissuade highly educated and skilful but under-employed programmers from turning to illicit hacking for profit or fun.

In a country where wages are lower than in the West and life is expensive, and which has long produced some of the world’s best mathematicians, the temptation to turn to crime is great, and the hackers are in general ahead of the people trying to catch them.

“People think: ‘I’ve got no money, a strong education and law enforcement’s weak. Why not earn a bit on the side?’” said Alexei Borodin, a 21-year-old hacker.

As long as these hackers target victims abroad, experts say, the Russian authorities are willing to sit back and let them develop tools to burrow into computer vulnerabilities, which they can in turn use for their own cyber espionage.

Two of the Russian suspects in the banking card fraud case were arrested while in the Netherlands, but two others – Alexander Kalinin, 26, and Roman Kotov, 32 – are still at large and thought to be in Russia, where experts doubt they will be caught.

Moscow’s decision to harbor Edward Snowden, wanted in the United States for leaking details of government surveillance programs on the phone and Internet, is likely to freeze already slow-moving cross-border police cooperation with Washington, they said.

“They have been doing this in Russia for many years now,” said Misha Glenny, an expert and author on cyber crime.

“Russian law enforcement and the FSB (Federal Security Service) in particular have a very good idea of what is going on and they are monitoring it but as long as the fraud is restricted to other parts of the world they don’t care.”

Several email requests for comment and calls over three weeks to the special Interior Ministry unit tasked with policing the web – Department K – went unanswered.


The pool of talent churned out by top-tier institutes excelling in hard sciences across the former Soviet Union is indisputable.

A trio of students from the St Petersburg National Research University, for instance, won the oldest and most prestigious world programming competition, the ACM International Collegiate Programming Contest, four times in the last six years.

Three Russian teams, one from Belarus and one from Ukraine, were also among the top ten finalists this year in the contest, which featured teams from 2,322 universities in 91 countries.

But in a 2013 survey, only 51 percent of IT specialists in Russia polled by HeadHunter, a recruiting website, found jobs in the country’s burgeoning IT sector. It said average salaries in Moscow for work in information security were 65,000 roubles ($2,000) a month, far less than Western counterparts would earn.

Hacking is not a crime in and of itself. So-called white-hat hackers, who access computers to bolster security defenses, face off at the front lines of a virtual battleground with criminals, known as crackers or black-hat hackers, who break in with ill intent.

Hackers on both sides of that divide are mostly aged 22 to 30 and, in Russia, many may have been university classmates.

Borodin, who works on start-ups involved in Bitcoin, the virtual currency, describes web security as his hobby. Known as ZonD80, he began exploring computer vulnerabilities at the age of 12, and made waves last year by publishing a hack allowing iPhone users to avoid paying for in-App upgrades – a system loophole it took him about a week to find.

He says he has never broken the law.

“I hacked Apple and Google systems, but I’ve been working on the other side for ages… Now it’s fun to design defenses against all the hacks I used to do myself,” he said in an interview via instant messenger.

“There aren’t really any boundaries. Someone can go over to the bad side or suddenly become a protector. In any event, if you’re caught, then you were in the wrong place at the wrong time.”


At the Moscow headquarters of the Kaspersky Lab, a Russian rival to U.S. security firms Symantec or McAfee, sweatshirt-clad youths sit silently tapping away in an ultra-sleek workspace.

“Stealing money from behind a screen is incomparably easier psychologically than attacking someone in the street,” Kamluk, 29, said in a round, glass room known as the Virus Lab. Here client data on millions of suspicious programs is parsed by analysts sitting at a circle of screens that looks like a spaceship control room.

“Using technical means, you can fight cyber crime endlessly, but it is a non-stop weapons race: We make security systems and they find ways around it.”

The soft-spoken Belarusian, who sports a Mohawk and a T-shirt printed with green-on-black computer code, was hired in 2005 and is now part of an elite team chosen by CEO Eugene Kaspersky to investigate new or exotic cyber threats.

The Global Research and Expert Analysis Team, or GREAT for short, discovered the Stuxnet cyber weapon, which is believed to have been used by the United States and Israel to attack Iran’s nuclear program a few years ago.

This year Kamluk and other GREAT prodigies uncovered a Russian-speaking cyber espionage gang, Red October, operating a complex data-hijacking system used to steal intelligence from government, military and diplomatic targets worldwide.

GREAT was not able to identify who was behind the gang. But the manpower and expense needed to wield such a network is believed by some experts to point to the involvement of a state intelligence agency, possibly Russian.


On the Blackhacker.ru forum, threads offer advice on what countries have the most crime-friendly laws and sell cyber tools such as bullet-proof hosting from which to launch attacks.

In a feeble nod to the law, some sellers post disclaimers, denying responsibility if their service is put to criminal use.

Such forums played a crucial role in the criminal baptism of a generation of programmers who emerged onto the job market in the 1990s when the Soviet Union was unraveling, and have served as hacker incubators popularizing cyber crime in Russia.

“In 2008, you needed to buy a Botnet (network of infected computers) and set it up, it was quite sophisticated. Nowadays, every schoolboy can do this by … using forums and reading,” said Maxim Goncharov, a researcher at security firm Trend Micro.

The amount of cash flowing to this underground industry is hard to quantify as many companies do not report losses. Moscow-based cyber forensics firm Group-IB estimated the Russian cyber crime market was worth $2.3 billion in 2011 and far more today.

Some of the cash, it says, goes to pay off corrupt police, who then tip off the criminals.

Andrey Komarov, head of international projects at Group-IB, said cyber criminals are winning in the war against the world’s law enforcement agencies.

“It is like the battle between a fly and an elephant,” Komarov said. “Some cyber criminals have very close contacts with corrupted law enforcement agencies, and during our investigations some disappeared and were not arrested.”

(Additional reporting by Alessandra Prentice and Megan Davies in Moscow and Liza Dobkina in St Petersburg; Editing by Sonya Hepinstall)


Security contractor Edward Snowden

London: British spies are running an online eavesdropping operation so vast that internal documents say it even outstrips the United States’ international internet surveillance effort, The Guardian newspaper says.

The paper cited UK intelligence memos leaked by former National Security Agency contractor Edward Snowden to claim that UK spies were tapping into the world’s network of fibre optic cables to deliver the “biggest internet access” of any member of the Five Eyes – the name given to the espionage alliance composed of the United States, Britain, Canada, Australia and New Zealand.

That access could in theory expose a huge chunk of the world’s everyday communications – including the content of people’s emails, calls, and more – to scrutiny from British spies and their US allies. How much data the British are copying off the fibre optic network isn’t clear, but it’s likely to be enormous.

The Guardian said the information flowing across more than 200 cables was being monitored by more than 500 analysts from the NSA and its UK counterpart, GCHQ.

“This is a massive amount of data!” The Guardian quoted a leaked slide as boasting.

The newspaper, whose revelations about America and Britain’s globe-spanning surveillance programs have reignited an international debate over the ethics of espionage, said GCHQ was using probes to capture and copy data as it crisscrossed the Atlantic between western Europe and North America.

It said that, by last year, GCHQ was in some way handling 600 million telecommunications every day – although it did not go into any further detail and it was not clear whether that meant that GCHQ could systematically record or even track all the electronic movement at once.

GCHQ declined to comment on Friday, although in an emailed statement it repeated past assurances about the legality of its actions.

“Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary, and proportionate,” the statement said.

Fibre optic cables – thin strands of glass bundled together and strung out underground or across the oceans – play a critical role in keeping the world connected. A 2010 estimate suggested that such cables are responsible for 95 per cent of the world’s international voice and data traffic, and The Guardian said Britain’s geographic position on Europe’s western fringe gave it natural access to many of the trans-Atlantic cables as they emerged from the sea.

The Guardian said GCHQ’s probes did more than just monitor the data live; British eavesdroppers can store content for three days and metadata – information about who was talking to whom, for how long, from where, and through what medium – for 30 days.




Hong Kong Surveillance

HONG KONG (AP) — The former CIA employee who suddenly burst into headlines around the globe by revealing himself as the source of top-secret leaks about U.S. surveillance programs has just as quickly gone to ground again.

Two days after he checked out of a Hong Kong hotel where he told the Guardian newspaper that he had “no intention of hiding who I am because I know I have done nothing wrong,” Edward Snowden was nowhere to be found Wednesday, despite being the central figure in the biggest news story in the world.

Snowden, in his Sunday interview with the newspaper, had said he wanted to avoid the media spotlight, noting he didn’t want “the story to be about me. I want it to be about what the U.S. government is doing.”

With little new information to report on Snowden or his whereabouts, Hong Kong’s notoriously boisterous newspapers, and others around the world, fixated on his American girlfriend, a dancer who posted partially nude photographs of herself online before she also apparently disappeared.

“Spy on the run: girlfriend ill at ease,” read one Apple Daily headline above a picture of the 28-year-old Lindsay Mills in a provocative pose taken from her blog, which has since gone offline.


Mills is not believed to be traveling with Snowden, who is thought to still be in Hong Kong.

Apple Daily quoted unidentified sources with the Hong Kong immigration department as saying they had no record of Snowden leaving the territory. A spokesman for the department, speaking on routine condition of anonymity, said it could not confirm the paper’s information because it did not comment on individual cases.

Reporter Ewen MacAskill of Britain’s the Guardian newspaper, who interviewed Snowden for exclusive stories about his revelations, wrote late Tuesday that “it is thought” Snowden was now in a private home in Hong Kong, but offered no details.

Guardian journalist Glenn Greenwald, who also interviewed Snowden in Hong Kong, has given a series of interviews about the case, but refused to reveal any information about Snowden’s location or his future plans.


Despite the uncertainty, Hong Kong supporters of the 29-year-old American have organized a protest march featuring local human rights activists and prominent pro-democracy politicians to pass in front of the U.S. Consulate on Saturday afternoon.

“We call on Hong Kong to respect international legal standards and procedures relating to the protection of Snowden; we condemn the U.S. government for violating our rights and privacy; and we call on the U.S. not to prosecute Snowden,” the organizers said in a news release.

Snowden arrived in Hong Kong from his home in Hawaii on May 20, just after taking leave from his National Security Agency contracting firm Booz Allen Hamilton, which has since fired him.

Questions remain about why Snowden chose to go public in Hong Kong, a Chinese autonomous region that maintains a Western-style legal system and freedom of speech, although he said he considered the territory to be relatively free and open. Hong Kong has an extradition agreement with the United States, but there are exceptions in cases of political persecution or where there are concerns over cruel or humiliating treatment.


U.S. authorities have yet to bring charges against Snowden or file an extradition request with Hong Kong. Legal experts say quirks in the Hong Kong legal system could allow Snowden to draw that process out for months or years through appeals.

Snowden might also block extradition altogether by claiming he would be subject to the same harsh treatment as WikiLeaks source Army Pfc. Bradley Manning, who was held alone for nine months in a windowless cell 23 hours a day, sometimes with no clothing, drawing complaints from human rights groups and the United Nations’ chief torture investigator.

Snowden could still attempt to leave Hong Kong for another destination, possibly including nearby jurisdictions or countries that do not have extradition treaties with the United States, such as China. Snowden himself has given no indication he is prepared to cooperate with any foreign intelligence service, including China’s.

Outside of Asia, Snowden might also consider seeking asylum in countries like Iceland and Russia. According to the Kommersant Daily newspaper, Moscow has said it might provide asylum.



How to shield your calls and internet activity from government surveillance

If you have followed the startling revelations about the scope of the US government’s surveillance efforts, you may have thought you were reading about the end of privacy. But even when faced with the most ubiquitous of modern surveillance, there are ways to keep your communications away from prying eyes.

First, instead of browsing the internet in a way that reveals your IP address, you can mask your identity by using an anonymising tool such as Tor or by connecting to the web using a Virtual Private Network, or VPN.

Additionally, you can avoid Google search by using an alternative such as Ixquick, which has solid privacy credentials and says it does not log any IP addresses or search terms or share information with third parties.

When it comes to sending emails, if you are using a commercial provider that has been linked to the PRISM spy initiative, you can throw a spanner in the NSA’s works by learning how to send and receive encrypted emails. PGP or its free cousin GPG are considered the standard for email security, and these can be used to both encrypt and decrypt messages – meaning you can thwart surveillance unless you are unlucky enough to have Trojan spyware installed on your computer.

Novice computer users learning how to use PGP or GPG may find it daunting at first, but there are plenty of tutorials online for both Mac and Windows users that can help guide you through the process. For journalists working with confidential sources, attorneys seeking to ensure attorney-client privilege, or others whose work requires secure communications, learning how to use PGP or GPG is an absolute necessity. Organisations seeking to protect themselves from email grabs could go one step further: they could take more control of their messages by setting up their own email server instead of relying on a third-party service, helping ensure no secret court orders can be filed to gain covert access to confidential files. And if you need to store private documents online, you can use Cloudfogger in conjunction with Dropbox.


For instant messaging and online phone or video chats, you can avoid Microsoft and Google services such as Skype and Gchat by adopting more secure alternatives. Jitsi can be used for peer-to-peer encrypted video calls, and for encrypted instant message chats you can try using an “off the record” plugin with Pidgin for Windows users or Adium for Mac. Like using PGP encryption, both Pidgin and Adium can take a little bit of work to set up – but there are online tutorials for setting up both Adium and Pidgin to help ease the pain.

As for phone calls, if you want to shield against eavesdropping or stop the NSA obtaining records of who you are calling and when, there are a few options. You could use an encryption app such as Silent Circle to make and receive encrypted calls and send encrypted texts and files, though your communications will be fully secure only if both parties to the call, text or file transfer are using the app. Other than Silent Circle, you could try RedPhone (Android and iOS) for making encrypted calls or TextSecure for sending encrypted texts.

A new frontier of sweeping secret surveillance is not a conspiracy theory but a burgeoning reality. But it is not an Orwellian dystopia – at least, not yet. Tools to circumvent government monitoring exist and are freely available. The onus is on us as individuals to learn how to use and adopt them.

The 14-year-old couldn’t believe his eyes. The virtual currency he’d worked so hard to amass in the online role-playing game Runescape had vanished. He’d lost the equivalent of $700 in the blink of an eye, after investing his pocket money into the game’s economy for months. All that remained was an instant message dialogue box: “Haha, you got RATted!”

What is a Computer Hacker?

These days, a hacker doesn’t have to be a geek from a top university who breaks into high profile banks and government systems.

A hacker can be anyone, even the kid next door. Anyone can download simple software off the internet to see everything that goes into, and out of, a computer on the same network. And people who do this don’t always have the best of intentions. So just imagine how exposed you are when you use WiFi in a public hotspot. Everybody in that hotspot is on the same computer network.


Firewalls and anti-virus can’t stop this new type of hacking, called sniffing, but PRIVATE WiFi can. Learn more about how to protect yourself against hackers. Private wifi description

Sitting in his bedroom in Wauchope, on the mid-north coast of NSW, the teenager wrote back: “What does that mean?” He didn’t know at the time that his machine had been compromised by a Remote Administration Tool (RAT), an aggressive form of malware that allows hackers to access a victim’s entire computer. It was too late. The thief had disappeared. “He ran away with my money, like a girl,” laments Alex (not his real name).



Weeks later, his desolation and rage had been replaced by joy. After researching RATs and spending an entire day spreading an innocuous link using Runescape’s in-game chat function, in the hope that someone would visit the page and run the JavaScript application embedded within, Alex had his mark.

An image uploaded to a hacking forum showing a woman picking her nose as seen through her webcam.

Within a few clicks, the teenager had access to a stranger’s entire computer, without their knowledge. “I was the happiest kid in the whole entire world,” he says. “I could see their desktop, what they typed, the history of what they’d typed, stored passwords, files – everything.”


His victim didn’t have a webcam, so Alex wasn’t sure of their gender or their appearance, although he assumes they were male. But he knew that they played Runescape, so he got straight to work on what mattered: looting their gold, just as he’d recently experienced himself.

After emptying the stranger’s account, the teenager watched, intrigued, as his mark realised that he’d been hacked, and began trying to close the connection. Fifteen minutes later, Alex’s first “slave” – hacker shorthand for a compromised user – had disconnected himself.

An image uploaded to a hacking forum showing a woman sleeping as seen through her webcam.

The RATted had become the RATter. “I felt unstoppable,” says Alex, now 17 and studying Year 11. “I was really insecure about myself at the time. I felt like the most powerful person on Runescape.”



The senior security manager at antivirus software company Trend Micro has another name for RAT: Remote Access Trojan. “It’s a piece of software loaded onto somebody’s computer that allows it to be controlled or accessed from a third-party location,” says Adam Biviano in Sydney.

An image uploaded to a hacking forum showing a woman staring at her computer as seen through her webcam.

“They often arrive on a computer masquerading as something else,” he says. “Just like the mythological story, you open your gates up and you allow it inside your protected walls. All of a sudden, you think you’re getting one thing, but in reality you’re getting what they call a ‘RAT’. You’re giving access to your computer to … who knows who.”


A 14-year-old boy motivated by revenge is probably one of the last people you’d want to have unmitigated access to your computer. Especially if you’re female, given that one of the most commonly exploited features of RAT software is the ability to spy on a user’s webcam. Many modern laptops will display a green light when the webcam is in use; however, RAT developers have long since worked out how to disable that tell-tale sign on some computers.

The cumulative effect is a gross breach of privacy, often without the user’s knowledge. Think of where your computer’s webcam is positioned, and what someone might see if they watched you constantly: your bedroom antics, perhaps, or your daily nude stroll around the house. They might even see you take your laptop to the toilet with you.


An image uploaded to a hacking forum showing a woman looking at her computer as seen through her webcam.

Discussion threads in the Remote Administration Tools section of HackForums.net overflow with webcam screenshots, to celebrate both “hot female slaves” and “ugly slaves”.


Alex goes by a pseudonym on HackForums that Fairfax Media has chosen to keep secret in order to conceal his identity. He’s been a particularly active community member over the past 12 months, clocking more than 6000 posts – about 17 a day – while establishing himself as a helpful source of information for those new to RATs.

“When I started, it was hard to learn,” he says. “I was confused. I helped others because I wanted them to feel how I felt when I first started RATting – that feeling of excitement. I wanted to empower them.”


The teenager says he’s never had a job, yet he’s drawn a respectable income from his RAT activities for more than two years. His parents began asking questions when he connected his PayPal to his bank account, and sums of up to $500 at a time would flow in: profit from his Runescape thefts. “I sat down with them and told them what was going on,” says Alex.

“They understood. They said, ‘If you get caught, you’re in serious shit.’ My parents are laidback about it, because they knew I was smart with computers when I was younger. I’ve gotten way smarter since then.” Their son may not have been completely honest about the precise source of income, though: “They don’t really know what happens behind the scenes when I’m on the computer,” he admits.


Trend Micro’s Adam Biviano isn’t surprised by Alex’s exploits, nor his age. “I’ve been in the anti-malware industry for about 15 years,” he says. “A lot of these attacks start off with people who are quite young. It’s that younger element that probably doesn’t understand the legal implications of what they’re doing. They think that because it’s online, it’s simply a bit of harmless fun.

“We also see that those skills are put to far more malicious use these days, by moving on to target businesses, to target individuals by stealing their identities, even cross-border espionage using RATs,” he says, referring to a malware outbreak in the fractured state of Syria last year. “[Virtual goods theft] is one of the more benign uses of RATs, but it can certainly get nastier from there.”


The Attorney-General’s Department responded to questions with this statement: “The Commonwealth Criminal Code contains a range of offences that apply to the unauthorised access to or modification of data, as well as offences that relate to the possession, control or supply of data with an intent to commit a computer offence.”

Federal penalties for these offences range from two to 10 years’ imprisonment; the states and territories also have laws prohibiting the installation and use of surveillance devices, including listening, optical, tracking and data surveillance devices, which may also apply to those caught using RATs for malicious purposes.


The Department of Broadband, Communications and the Digital Economy says it does not have a position statement on the use of RATs among private citizens.

Remote access technology is not new – Windows has had this functionality in-built for many years – but the malware form of delivery is a constant headache for security companies such as Trend Micro, especially since some of these products are marketed as “FUD”: fully undetectable, by either software or user.


“That’s the unfortunate part of the business we’re in,” says Biviano. “For a malware writer, we’re part of their quality assurance process. A piece of malware will be sold for far more money than a competing product if it’s undetectable by current anti-malware products. That’s the sad reality of life right now.”

Trend Micro’s labs deal with RAT infections on a daily basis, not just on personal computers, but increasingly, mobile devices. “This year alone, we’re anticipating that we’ll see nearly one million forms of malware just on [the] Android [mobile operating system]. A lot of these will have RAT built in. It’s very rare these days that we see malware that doesn’t have some sort of remote access capabilities.”


RATs have a long history of legitimate, non-malicious uses: IT departments throughout the world benefit daily from the ability to view their colleagues’ screens when troubleshooting, as do workers who wish to access files on their home computer from the office.

Chris Gatford, director of Sydney security consultancy HackLabs, uses this type of software when performing penetration testing for clients on four continents. “We’re engaged by our customers to compromise their environment,” says Gatford. “We use social engineering as the mechanism to gain access to the organisation, using ‘RAT-like’ functionality in commercial security testing tools to perform our work.


“In our experience, when performing this testing, we’re very rarely detected, and therefore most organisations aren’t able to detect it,” he says. “I would say the majority of Australian organisations certainly wouldn’t have the capability to detect whether they were infected by RATs, if [the software] was being used by attackers correctly.”

Using freely available RATs with names such as DarkComet and BlackShades, Alex was able to gain control of up to 1000 computers simultaneously. The dual monitors in his Wauchope bedroom became a window to the world. “I’ve had a guy in Vietnam working in a store,” he says of his “slaves”. “I’ve had a whole Asian family looking at the computer at once. I’ve had a lot of ugly people; one guy in his nineties or something, who looked like Santa Claus,” he says, laughing.


He has clicked onto people masturbating to child pornography. He didn’t like that one bit. “I basically destroy their computer if I see them looking at that shit, because that’s just wrong.” With a few commands, he’d delete their computer’s “system32” folder; without those files, Windows operating systems won’t function.

But those days are behind Alex now. In mid-March, he posted a thread on HackForums saying goodbye to using Remote Administration Tools. The 17-year-old feels he’s learned all there is to know about RATs. He’s had some fun, made some money. Now he’s setting his sights on learning to code, while balancing his Year 11 workload. He’s fond of software design, IPT and English, but hates maths. He’s looking forward to studying at university – something to do with computers, naturally – and building a career in penetration and vulnerability testing.


The only thing that’s stopped the teenager from accessing strangers’ computers without their knowledge is boredom. That initial buzz – that feeling of being “the happiest kid in the world” – has long since worn off. Gross invasions of privacy have lost their lustre. Alex maintains that he never touched any bank accounts while RATting: “That shit’s lame,” he says. “I know people do it, but it’s a dog act.”

If he got caught by the police – not that he ever came close – he’d have justified his behaviour thus: “I know it was wrong to steal virtual goods, but I didn’t do it for bad reasons.

“I did it for educational purposes. Hacking isn’t just about ‘bad’ things. Most people hack to learn.”


Asked whether he’s proud of what he did, he laughs. “I kind of am! I felt bad when I got my stuff stolen, though.” But it was okay when you did it to others?

He pauses. “Now I’m confused … How do I say it? RATting is bad, and good. People do it for knowledge; people do it to steal shit; people do it to mess around. It’s a thing that hackers these days need to learn, before they move on.”


Henry Sapiecha



