Blog Post

UK spy catalog describes tools for spamming, poll-rigging, social media manipulation and more

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Remember the Joint Threat Research Intelligence Group, the unit of British spy agency GCHQ that uses criminal-style techniques to disrupt and discourage online activism? Now, thanks to a new Snowden document published late Monday by The Intercept, we know JTRIG also developed tools for manipulating online polls, “shaping” what people see, and spamming on an epic scale.

The document comprises screenshots of a GCHQ wiki page for JTRIG tools and techniques. It’s a sort of menu for other departments in GCHQ, showing what tools have been developed or were under development – the page was last updated in July 2012, and a note near the top says “We don’t update this page anymore,” pointing users to a newer page.

Apart from providing a list of rather hilarious codenames with frequent geek culture/gaming references (CONCRETE DONKEY is a Worms weapon; POD RACE a Star Wars thing) and a few nods to questionable music (a data collection system called JAZZ FUSION has a subsystem called TECHNO VIKING), the page also gives an interesting insight into modern propaganda and disinformation techniques.

Using JTRIG’s toolset, agents can:

  • Spoof an email address and send mail from it (CHANGELING, or SCRAPHEAP CHALLENGE for BlackBerry users – “Ready to fire, but see constraints”)
  • Send out spam emails on mass scale (BADGER – “Ready to fire”)
  • Send out audio messages to large numbers of phones or “repeatedly bomb a target number with the same message” (CONCRETE DONKEY – “In development”)
  • Spam a target with text messages (CANNONBALL – “Ready to fire”) and send spoofed text messages (BURLESQUE – “Ready to fire”)
  • Send out SMS spam to lots of people (WARPATH – “Ready to fire”)
  • Spam instant messaging users with “a tailored message” (PITBULL – “In development”)
  • Fax-spam (SERPENTS TONGUE – “In redevelopment” for some reason)
  • Automate interaction and alias management on social networks including Twitter(s twtr) (SYLVESTER)
  • “Produce and disseminate multimedia via the web” (SKYSCRAPER – “Ready to fire”)
  • Amplify messages, normally video, on sites like YouTube(s goog) (GESTATOR)
  • “Change the outcome of online polls” (UNDERPASS – “In development”)
  • Clone and alter websites in real-time (HAVOK)
  • “Masquerade Facebook Wall Posts for individuals or entire countries” (CLEAN SWEEP – “Ready to fire”)
  • Insert media into target networks (SPACE ROCKET)
  • Boost website hits and rankings (BOMB BAY – “In development”) and inflate page views on websites (SLIPSTREAM – “Ready to fire”)
  • Use denial-of-service attacks (PREDATORS FACE and ROLLING THUNDER)

So, by the looks of it, agents can send out mass messages on a variety of platforms, shape which websites people are most likely to see – both by boosting some sites and crushing others with denial-of-service attacks — and shape the conversation on social networks. 50 Cent Party, eat your heart out.

There’s also a section entitled “Shaping and Honeypots” that mentions a URL shortening service (DEADPOOL), a “secure one-to-one web based dead-drop messaging platform” (HUSK), a file-sharing site (LONGSHOT), an image hosting website (PISTRIX) and a “public online group against dodgy websites” (NIGHTCRAWLER). It would be lovely to know which sites and services those codenames refer to.

Also, GCHQ-ers can spy on people and attack targets’ computers in various ways, as one would expect:

  • “Permanently disable a target’s account on their computer” (ANGRY PIRATE – “Ready to fire” with restrictions)
  • Disrupt target’s Windows(s msft) computer (STEALTH MOOSE – “Ready to fire” with restrictions)
  • Block the target from being able to send or receive email or view online material (SUNBLOCK – “Tested, but operational limitations”)
  • Identify and encrypt files on a target’s computer (SWAMP DONKEY – “Ready to fire” with restrictions)
  • Find private photos on Facebook (SPRING BISHOP)
  • Get Skype call and chat records, and contact lists, in real-time (MINIATURE HERO)

And so on. This is quite the catalog.

3 Responses to “UK spy catalog describes tools for spamming, poll-rigging, social media manipulation and more”

  1. They chose which users on YouTube become celebrities because the user knowingly or unknowingly is pushing the nWo agenda. they do this by becoming quite popular online themselves through their satanic coven networking and then liking and forwarding certain people online to others, so people with really good information and truthful information never make it to the top. Snowden did not reveal anything we did not already know. The fact the state controlled mass media jumped on him is proof they didn’t care to give away a few secrets through his false hero story. True whistle-blowers never make the news. Ted Gunderson? Fritz Springmeier?

  2. You know. Perhaps the insanity is to a point where its time to just walk away from the ‘convenient’ Internet and do things differently. A uber successful Kickstarter is going on now called icloak that lets you – via dedicated thumbdrive – use any computer to do anon work with out leaving anything behind.

    The more we do to give these schmucks headaches the better.