Compromised Code Names, Operations and Equipment / Recent and in progress ( Updated 12:37PM PST / 27OCT2013 )

Editors Note: (Ralph Turchiano) Requested Repost from the archives (Oct 2013)

EEV: Recently Compromised or exposed Code names, Operations, Software and facilities. The list is in no particular order and is being updated frequently. These are just the discoveries from the past 2 years.

* Details of ALL operations can be found through inputting the codename in the search bar. (Being Updated, will be formatted for easy access in the near future _ The most recently compromised will be at the top (for the first week) after 26 OCT 2013

Compromised Code Names, Operations and Equipment

_______________________ Recent

MUSCULAR – The NSA’s principal tool to exploit the data  links is a project called MUSCULAR, operated jointly with the agency’s British  counterpart, GCHQ.

http://www.dailymail.co.uk/news/article-2480411/NSA-broke-Yahoo-Google-data-centers-obtain-millions-records.html

 Einstein antenna system –  Can intercept cell phone signals while simultaneously locating people of interest.

https://engineeringevil.com/2013/10/27/the-nsas-secret-spy-hub-in-berlin/

 Birdwatcher Program – intercepts microwave and millimeter-wave signals. Some programs,  deal primarily with encrypted communications in foreign countries and the search for potential access points. Birdwatcher is controlled directly from SCS headquarters in Maryland.

https://engineeringevil.com/2013/10/27/the-nsas-secret-spy-hub-in-berlin/

Quantum –  NSA controls a set of servers that sit on the Internet backbone, and these servers are used to redirect targets away from their intended destinations to still other NSA-controlled servers that are responsible for the injection of malware.

https://engineeringevil.com/2013/10/25/how-the-nsa-deploys-malware-an-in-depth-look-at-the-new-revelations/

FoxAcid –  NSA server that selects from a toolkit of exploits in order to gain access to the user’s computer. Presumably this toolkit has both known public exploits that rely on a user’s software being out of date, as well as zero-day exploits which are generally saved for high value targets.

https://engineeringevil.com/2013/10/25/how-the-nsa-deploys-malware-an-in-depth-look-at-the-new-revelations/

Tailored Access Operations (TAO), the branch  of the US National Security Agency (NSA) which deals with cyber-attacks

https://engineeringevil.com/2013/10/25/was-israel-behind-the-hacking-of-millions-of-french-phones-and-not-the-u-s-extraordinary-twist-in-spying-saga-revealed/

—————————————————–

Opus Dei – International Roman  Catholic order, founded in 1928 and championed early by Spanish  dictator Francisco Franco, is dedicated to establishing its members in high  political, corporate, and religious offices all over the world.

https://engineeringevil.com/2012/11/08/the-penn-state-scandal-faces-off-2-mysterious-government-agents-with-top-secret-clearance/

Rossotrudnichestvo exchange program – Alleged exchange program used to recruit Americans to train as Russian spies

https://engineeringevil.com/2013/10/23/russian-representative-denies-us-media-claims-of-his-involvement-in-espionage-rossotrudnichestvo-exchange-program/

Shenguang (“Divine Light”) – China’s laser project for inertial confinement fusion, which aims to use high-powered lasers to produce a sustained nuclear fusion reaction ( lasers designed to damage or destroy US satellites )

https://engineeringevil.com/2013/09/17/china-pursues-systems-to-keep-us-forces-at-bay/

Apstar-7 satellite (  APT Satellite Holdings )  – Chinese Satellite the Pentagon leases to oversee communications with its African bases

https://engineeringevil.com/2013/05/01/red-faces-as-pentagon-leases-chinese-satellite/

https://engineeringevil.com/2013/04/30/pentagon-leaning-on-chinese-satellite-for-africa-command-communications-sparked-outcry-by-disclosing-its-lease-of-bandwidth-from-a-chinese-satellite/

Operation Socialist – An assault on Belgacom’s “core GRX routers”

https://engineeringevil.com/2013/09/20/uks-gchq-blamed-for-cyber-attack-on-belgian-telecoms-company/

“Man in the Middle” or “MiTM” operations “ –  highly-sophisticated deception which allows a third party to intervene in an electronic conversation and pretend to be each of the other two parties, obtaining valuable information or spreading disinformation without the targets realizing

https://engineeringevil.com/2013/09/20/uks-gchq-blamed-for-cyber-attack-on-belgian-telecoms-company/

US-985D – Text messages France

https://engineeringevil.com/2013/10/20/us-spy-agency-snooped-on-french-citizens-report-code-named-us-985d/

Unit 61398 –  Engages in harmful ‘Computer Network Operations’,” is located in Shanghai’s Pudong district, China’s financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations. Is considered a Chinese State Secret. The unit has stolen “hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006.

https://engineeringevil.com/2013/02/18/security-group-suspects-chinese-military-is-behind-hacking-attacks-unit-61398/

https://engineeringevil.com/2013/05/02/chinese-attack-sucks-secrets-from-us-defence-contractor/

Apalachee – EU/ UN Tapping

https://engineeringevil.com/2013/08/26/codename-apalachee/

https://engineeringevil.com/2013/08/25/us-spy-agency-broke-encryption-on-un-communications-report/

Bumblehive – NSA Storage Facility

https://engineeringevil.com/2013/04/16/is-the-nsa-building-a-1-2billion-data-center-to-spy-on-americans-utah-desert-facility-code-named-bumblehive-will-monitor-emails-of-u-s-citizens/

Boundless Informant – NSA Data Mining program

https://engineeringevil.com/2013/06/08/boundless-informant-the-nsas-secret-tool-to-track-global-surveillance-data/

https://engineeringevil.com/2013/06/16/i-have-watched-barack-obama-transform-into-the-security-president/

CHAMP ( Counter-Electronics High Power  Microwave Advanced Missile Project ) Boeings missile with  electromagnetic pulse capability

https://engineeringevil.com/2012/12/02/from-sci-fi-to-reality-the-computer-blitzing-drone-that-can-cripple-a-nations-electronics-at-the-touch-of-a-button/

Codeword – Currently Unkown

https://engineeringevil.com/2013/10/02/oops-its-another-biden-blunder-vice-president-unwittingly-reveals-cover-of-codeword-classified-document/

Swag Security – China’s hack group U.S. Medicaid system / Nuclear Codes ( Ironically also a Bank of America Code Word )

https://engineeringevil.com/2013/02/28/bank-of-america-alleged-key-word-list/

https://engineeringevil.com/2012/10/01/chinese-government-hacks-into-white-house-office-in-charge-of-the-nuclear-launch-codes/

Tailored Access Operations – NSA Special Targets

https://engineeringevil.com/2013/10/20/nsa-accessed-mexican-presidents-email/

https://engineeringevil.com/2013/09/16/nsa-monitors-financial-world/

Flatliquid – Tap Diplomatic Communications

https://engineeringevil.com/2013/10/20/nsa-accessed-mexican-presidents-email/

Whitetamale – Mexico e-mails

https://engineeringevil.com/2013/10/20/nsa-accessed-mexican-presidents-email/

Lugar Research Center – U.S. Top Secret Biologics lab ( Republic of Georgia )

https://engineeringevil.com/2013/10/03/the-island-of-doctor-moreau-what-kind-of-monsters-does-us-raise-in-republic-of-georgia/

Special Collection Service – Secret eavesdropping posts in 80 US embassies and consulates around the world.

https://engineeringevil.com/2013/08/26/codename-apalachee/

https://engineeringevil.com/2013/10/20/nsa-accessed-mexican-presidents-email/

DishFire – Text message filtering / the intelligence agency collects information on credit card transactions from some 70 banks worldwide.

https://engineeringevil.com/2013/10/20/nsa-accessed-mexican-presidents-email/

https://engineeringevil.com/2013/09/16/nsa-monitors-financial-world/

Sophia – Industrial Control System Computer Networking Fingerprinting Tool ( Powergrid )

https://engineeringevil.com/2013/10/14/security-of-the-nations-power-grid-threatened-by-theft-company-says/

Visdom – Competing Industrial Control System Computer Networking Fingerprinting Tool ( Powergrid )

https://engineeringevil.com/2013/10/14/security-of-the-nations-power-grid-threatened-by-theft-company-says/

FunVax – Biological pacification of individuals through vaccination

https://engineeringevil.com/2012/08/08/commentary-on-the-video-fundamentalist-vaccine-penatgon-using-vaccines-to-alter-human-behavior-followed-by-ann-epidemiol-201020729-733-change-in-human-social-behavior-in-response-to-a-co/

Section 6103 – IRS abuse

https://engineeringevil.com/2013/10/09/white-house-irs-exchanged-confidential-taxpayer-info/

IceFog – Advanced Persistent Threats ( China ? )

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

Tel Shahar – Where the state-of-the-art facility to host the new ballistic-missile  defense system (  Arrow 3 ) in Israel – Accidentally disclosed by the Penatgon

https://engineeringevil.com/2013/06/04/us-discloses-israels-top-secret-military-base-outraging-tel-aviv/

Privacy & Civil Liberties Board (PCLOB) – Board set up to oversee domestic spying whose meetings and members are difficult to confirm and may not exist

https://engineeringevil.com/2013/06/21/mysterious-privacy-board-touted-by-obama-has-deep-government-ties-even-worse-may-all-be-a-lie/

Spearfishing – Emailed viruses

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

Hidden Lynx – Chinese Haking Group / Cyber-Mercenaries

https://engineeringevil.com/2013/09/29/hacking-firm-hints-at-cybercrimes-professional-elite-cyber-mercenaries-hidden-lynx%e2%80%af/

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

Operation Aurora – General mass espionage

https://engineeringevil.com/2013/02/27/apt1-that-scary-cyber-cold-war-gang-not-even-chinas-best/

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

NetTraveler – Espionage Programhttps://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

Red October  ( Rocra ) – Espionage campaign against military personnel in Eastern Europe, Central Asia, and dozens of other nations (U.S., Australia, Ireland, Switzerland, Belgium, Brazil, Spain, South Africa, Japan, and the UAE.) . Features include an advanced cryptographic spy-module designed to lift data from Acid Cryptofiler, which is known to be used by NATO, the European Union, European Parliament and European Commission since the summer of 2011 to encrypt classified information.

https://engineeringevil.com/2013/01/14/red-october-has-been-spying-on-world-leaders-for-5-years-researchers/

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

DarkSeoul – Hacker Group (North Korean / China ? )

https://engineeringevil.com/2013/10/21/kimsuky-and-the-secret-menace/

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

Shadow Network – Chinese Espionage Group

https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/

Team Cymru – Monitor Criminal Activty ( non profit )

https://engineeringevil.com/2013/09/29/hacking-firm-hints-at-cybercrimes-professional-elite-cyber-mercenaries-hidden-lynx%e2%80%af/

Follow the Money – Financial Intelligence division NSA

https://engineeringevil.com/2013/09/16/nsa-monitors-financial-world/

SWIFT – European Financial Network

https://engineeringevil.com/2013/09/16/nsa-monitors-financial-world/

https://engineeringevil.com/2013/10/24/europe-furious-over-us-spying-allegations-worse-than-orwells-1984-emergency-meeting-called/

https://engineeringevil.com/2013/10/24/nsa-monitored-calls-of-35-world-leaders-after-us-official-handed-over-contacts/

https://engineeringevil.com/2013/06/30/europe-furious-over-nsa-spying-on-eu-facilities-the-us-he-added-once-the-land-of-the-free-is-suffering-from-a-security-syndrome/

https://engineeringevil.com/2013/02/28/bank-of-america-alleged-key-word-list/

GHCQ Cheltenham – Processes Middle East  emails, telephone calls and web traffic

https://engineeringevil.com/2013/09/05/nsa-and-gchq-unlock-encryption-used-to-protect-emails-banking-and-medical-records-%e2%80%a2-250m-a-year-us-program-works-covertly-with-tech-companies-to-insert-weaknesses-into-products-%e2%80%a2-sec/

https://engineeringevil.com/2013/08/22/exclusive-edward-snowden-leaks-reveal-uks-secret-middle-east-internet-surveillance-base/

XKeyscore – spying program is used to skim regional data from the Visa network

https://engineeringevil.com/2013/07/31/xkeyscore-nsa-tool-presentation/

https://engineeringevil.com/2013/07/31/xkeyscore-nsa-tool-collects-nearly-everything-a-user-does-on-the-internet/

SOD ( Special Operations Division )- Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security.

https://engineeringevil.com/2013/08/05/secret-us-drug-agency-unit-passing-surveillance-information-to-authorities/

Total Information Awareness ( TIA ) – Pentagon intelligence gathering

https://engineeringevil.com/2013/05/05/are-all-telephone-calls-recorded-and-accessible-to-the-us-government/

ThinThread – Software correlated data from emails, phone calls, credit card payments and Internet searches and stored and mapped it in ways that could be analysed.

https://engineeringevil.com/2012/09/15/nsa-whistleblower-illegal-data-collection-a-violation-of-everybodys-constitutional-rights-the-story-of-thinthread/

TrailBlazzer – Relaced Thinthread Software to correlated data from emails, phone calls, credit card payments and Internet searches and stored and mapped it in ways that could be analysed.

https://engineeringevil.com/2013/10/11/laptops-snowden-took-to-hong-kong-russia-were-a-diversion/

https://engineeringevil.com/2013/02/28/bank-of-america-alleged-key-word-list/

https://engineeringevil.com/2012/09/15/nsa-whistleblower-illegal-data-collection-a-violation-of-everybodys-constitutional-rights-the-story-of-thinthread/

Going Dark -FBI initiative to extend its ability to wiretap virtually all forms of  electronic communications.

https://engineeringevil.com/2012/11/03/fbi-ordered-to-disclose-going-dark-surveillance-program-police-can-place-surveillance-cameras-on-private-property-without-a-search-warrant/

International Mobile Subscriber Identity locator  ( IMSI ) – These devices allows the government to electronically search large areas for a particular cell phone’s signal—sucking down data on potentially thousands of innocent people along the way.

https://engineeringevil.com/2012/10/26/stingrays-the-biggest-technological-threat-to-cell-phone-privacy-you-dont-know-about/

Stingrays – Another name for International Mobile Subscriber Identity locator

https://engineeringevil.com/2012/10/26/stingrays-the-biggest-technological-threat-to-cell-phone-privacy-you-dont-know-about/

Tripwire or Trapwire – information collection software OR lines in the sand which, if crossed, cover  personnel levels, security measures, and in this case, the extreme step of  suspending operations.

https://engineeringevil.com/2012/09/21/u-s-government-wreckless-use-of-trapwire-may-have-compromised-highly-senesitive-private-information-on-millions-of-citizens-to-corporations/

https://engineeringevil.com/2012/08/15/cities-use-surveillance-systems-that-identify-potential-terrorists-with-facial-recognition/

Voice Grid Nation ( VoiceGrid program ) – is a system that uses advanced algorithms to match identities to voices. Brought to the US by Russia’s Speech Technology Center, it claims to be capable of allowing police, federal agencies and other law enforcement personnel to build up a huge database containing up to several million voices.

https://engineeringevil.com/2012/09/22/speak-up-us-law-enforcement-to-use-russian-software-to-store-millions-of-voices/

Prism ( Discovered prior to Snowden ) – NSA direct access to the servers of nine prominent Internet companies, enabling the spy agency to track e-mails, photographs, and video, among other forms of digital communications .

https://engineeringevil.com/2013/06/06/by-the-numbers-the-nsas-super-secret-spy-program-prism/

Bullrun ( Edgehill GHCQ version ) –  NSA’s abilities to defeat the encryption used in specific network communication technologies. Bullrun involves multiple sources, all of which are extremely sensitive.” The document reveals that the agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer (SSL), used to protect online shopping and banking.

https://engineeringevil.com/2013/09/05/nsa-and-gchq-unlock-encryption-used-to-protect-emails-banking-and-medical-records-%e2%80%a2-250m-a-year-us-program-works-covertly-with-tech-companies-to-insert-weaknesses-into-products-%e2%80%a2-sec/

Cheesy Name –  aimed at singling out encryption keys, known as ‘certificates’, that might be vulnerable to being cracked by GCHQ supercomputers.

https://engineeringevil.com/2013/09/05/nsa-and-gchq-unlock-encryption-used-to-protect-emails-banking-and-medical-records-%e2%80%a2-250m-a-year-us-program-works-covertly-with-tech-companies-to-insert-weaknesses-into-products-%e2%80%a2-sec/

Humint Operations Team (HOT) Humint, short for “human intelligence –  Information gleaned directly from sources or undercover agents.The old fashion way.

https://engineeringevil.com/2013/09/05/nsa-and-gchq-unlock-encryption-used-to-protect-emails-banking-and-medical-records-%e2%80%a2-250m-a-year-us-program-works-covertly-with-tech-companies-to-insert-weaknesses-into-products-%e2%80%a2-sec/

https://engineeringevil.com/2013/02/28/bank-of-america-alleged-key-word-list/

Sigint [signals intelligence] enabling – The program “actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs”

https://engineeringevil.com/2013/09/05/nsa-and-gchq-unlock-encryption-used-to-protect-emails-banking-and-medical-records-%e2%80%a2-250m-a-year-us-program-works-covertly-with-tech-companies-to-insert-weaknesses-into-products-%e2%80%a2-sec/

https://engineeringevil.com/2013/06/17/obama-nsa-secret-data-gathering-transparent/

Kimsuky – North Korean Hacking group

https://engineeringevil.com/2013/10/21/kimsuky-and-the-secret-menace/

GENIE –  US computer specialists break into foreign networks so that they can be put under surreptitious US control.

https://engineeringevil.com/2013/09/02/nsa-spied-on-brazilian-and-mexican-presidents-media/

WABASH – Tapping French offices U.N.

https://engineeringevil.com/2013/09/02/nsa-targeted-french-foreign-ministry/

Blackfoot – Tapping French offices New York

https://engineeringevil.com/2013/09/02/nsa-targeted-french-foreign-ministry/

Tempora – GCHQ’s Tapping transatlantic  fibre-optic cables

https://engineeringevil.com/2013/10/16/british-spies-hid-activities-from-mps/

Sensitive relationship teams – Staff that were urged in one internal guidance paper to disguise the origin of “special source” material in their reports for fear that the role of the companies as intercept partners would cause “high-level political fallout”.

https://engineeringevil.com/2013/06/21/gchq-taps-fibre-optic-cables-for-secret-access-to-worlds-communications/

Menwith Hill in North Yorkshire – NSA intercept station

Atlas International Trading – Company in the Pentagon’s Foreign Materiel Acquisition and Exploitation program

Advanced Persistent Threat Groups – Nitro, Aurora, ElderWood, Sykipot, Comment Crew (APT1), NightDragon, FlowerLday, Luckycat, Pitty Panda.

Western Tradition Partnership, or WTP – Compromise U.S. Politicians – Dark Money

Obama.com – Major campaign bundler to the Obama campaign Shanghai based domain owned by Robert  Roche with strong  commercial ties to the  Chinese government. He has made 19 visits to the  White House since 2009, including a personal meeting with Obama.

Stuxnet , Duqu , Wiper, Flame – Tilded Platform malware used for cyberespionage and cybersabotage in the Middle East.

WildSage – NSA database. The system “provides a mechanism for cybersecurity centers to share signatures at the SECRET classification level

Port reader software – FBI desire to harvest information on users’ “dialing, routing, addressing, or signaling information associated with a target’s communications”. And, as the FBI stated, this information will only include source, destination IP addresses and port numbers.

Dynamo – Dutch name in COMINT

Richter – German name in COMINT

One-End Foreign (1EF) solution – system, the NSA is able to direct more than half of the internet traffic it intercepts from its collection points into its own repositories

EvilOlive – NSA’s attempt to broaden 1EF Doubling its capacity

ShellTrumpet – NSA’s processor

MoonLightPath – Metadata collection for  Special Source Operations

Spinneret – Metadata collection for  Special Source Operations

Transient Thurible -GHCQ headquarters that manages  XKeyScore (XKS) and Deep Dive metadata collections

Project Riverside – found that rich individuals and private companies had been hiring unscrupulous private detectives to obtain sensitive information on targets for years.

QinetiQ North America (QQ/) – Hi-Tech U.S. defense contractors, which are the favorite target of Cyberpillaging

Acoustic vector sensor – sensor measures the movement of air, disturbed by sound waves, to almost instantly locate where a sound originated. It can then identify the noise and, if required, transmit it live to waiting ears.

One comment

Comments are closed.