German researchers captured and analyzed a new Trojan horse which they claim might be used by police to tap Skype calls and IM messages.
According to German laws it is legal to use a "Bundestrojaner" ("Federal Trojan"), which have being used by police to record VoIP traffic for many years.
The new R2D2 (0zapftis) Trojan can also download updates from the internet, log keystrokes, take screenshots and record IM chat conversations.
The German chancellor's press secretary denied that the R2D2 trojan has been used by the BKA, the German Federal criminal police. This denial has failed to stem speculation.
One popular theory is that Trojan might have been created by Digitask for the Bavarian government. Such speculation in interesting, though not based on any evidence outside of papers released by WikiLeaks suggesting Digitask had at least offered to create this sort of software.
The R2D2 name comes from a string of ASCII, "C3PO-r2d2-POE", found in the mystery Trojan. Likewise, the 0zapftis name also appears, a phrase meaning "the barrel is open" that's used by the Munich mayor in opening Oktoberfest every year.
According to Mikko Hypponen (F-Secure): “It's not well written. Which, I guess, makes it *more* likely it's developed by a Government...”
Update
Bavaria, Baden-Württemberg, Brandenburg and Lower Saxony have all reported use of the R2D2 Trojan "within the parameters of the law."
Joachim Herrmann, interior minister for Bavaria, promised to conduct a review into the software's use in order to ensure that it complied with the Bundesverfassungsgericht's 2008 ruling on the use of Quellen-TKÜ technology, while justice minister Sabine Leutheusser-Schnarrenberger called for a joint investigation between state and federal government.
While use of the R2D2 Trojan by local law enforcement agencies - known as Landeskriminalamt, or LKA - has been confirmed, an official statement from the Interior Ministry denies that any such tool was being used at a federal level by the BKA.
