[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
QUANTUMINSERT "wide stack" covert network communication
- To: cpunks <[email protected]>
- Subject: QUANTUMINSERT "wide stack" covert network communication
- From: [email protected] (coderman)
- Date: Thu, 13 Mar 2014 00:34:39 -0700
- In-reply-to: <CAJVRA1QKrEaZdddX6BOc5SQVhyK4Gn874FcTjxO-+wtGUanxUw@mail.gmail.com>
- References: <CAJVRA1TmYsZkwaq819rJ3LHQv_Edd_+kG-dWGFBodKYHZZHv6A@mail.gmail.com> <CAJVRA1QKrEaZdddX6BOc5SQVhyK4Gn874FcTjxO-+wtGUanxUw@mail.gmail.com>
On Wed, Jan 1, 2014 at 3:40 AM, coderman <[email protected]> wrote:
> it looks like this is called QFIRE / MIDDLEMAN (CovNet?)
> http://cryptome.org/2013/12/nsa-qfire.pdf
here this type of comms is called: QUANTUMSQUIRREL
http://cryptome.org/2014/03/nsa-gchq-quantumtheory.pdf
perhaps due to joint GCHQ/NSA effort
""""
Experimental:
QUANTUMSQUIRREL - Truly covert infrastructure, be any IP in the world
""""
--- selected-slides ---
# Components of QUANTUM Architecture:
TURMOIL
- (or LPT, or LPT-D, what else can you kludge for tipping ... cough.. NINJANIC)
- Passive Sensor
TURBINE
- Active Mission Logic of Remote Agents
ISLANDTRANSPORT
- Messaging Fabric
SURPLUSHANGER
- High -> Low diodes
STRAIGHTBIZARRE or DAREDEVIL
- Implant / Shooter
---
# Legacy QUANTUMTHEORY techniques
QUANTUMINSERT
- HTML Redirection
QUANTUMSKY
- HTML/TCP resets
QUANTUMBOT
- IRC botnet hijacking
---
# New Hotness
QUANTUMBISCUIT
- Redirection based on keyword
- Mostly HTML Cookie Values
QUANTUMDNS
- DNS Hijacking
- Caching Nameservers
QUANTUMBOT2
- Combination of Q-BOT/Q-BISCUIT for web based Command and controlled botnets
---
# Experimental
QUANTUMCOPPER
- File download disruption
QUANTUMMUSH
- Virtual HUFFMUSH / Targeted Spam Exploitation
QUANTUMSPIM
- Instant Messaging (MSN chat, XMPP)
QUANTUMSQUEEL
- Injection into MySQL persistent database connections
QUANTUMSQUIRREL
- Truly covert infrastructure, be any IP in the world