updated Sat. January 20, 2024
-
The Merkle
September 8, 2017
Other tools unveiled by The Shadow Brokers include FOXACID, a tool which seemingly can be used in conjunction with United Rake. Although FOXACID has been a well-known threat for a few years now, it can still be actively used to de-anonymize Tor users. No one knows for sure if people are still usingÃâà...
DAWN.com
August 21, 2016
The malware server, also known as FOXACID, has been described in earlier leaks made by former NSA contractor Edward Snowden. SECONDDATE, however, is just one method the NSA allegedly uses to redirect a target's browser to the FOXACID server. Others involve exploiting bugs in commonly usedÃâà...
The Intercept
August 19, 2016
The top-secret manual that authenticates the SECONDDATE found in the wild as the same one used within the NSA is a 31-page document titled “FOXACID SOP for Operational Management” and marked as a draft. It dates to no earlier than 2010. A section within the manual describes administrative toolsÃâà...
Wired
April 22, 2015
That shot was essentially a spoofed Transmission Control Protocol (TCP) packet that would redirect the user's browser to a malicious LinkedIn page hosted on a FoxAcid server. The FoxAcid server would then download and install malware on the victim's machine. Quantum Insert attacks require preciseÃâà...
Infosecurity Magazine
November 11, 2013
But while visiting the FoxAcid server, the engineers' computers were infected with unnamed malware "which enabled the GCHQ spies to deeply infiltrate the Belgacom internal network and that of its subsidiary BICS, which operates a so-called GRX router system." Der Spiegel claims that the operation wasÃâà...
Register
October 11, 2013
According to Schneier, the NSA normally carry out reconnaissance prior to tricking their targets into visiting Foxacid exploit servers. Usually the NSA resorts to “man-in-the-middle” hack attempts through an NSA-run set of servers codenamed “Quantum” that sit on the Internet's “backbone”. These redirectÃâà...
Ars Technica
October 9, 2013
As last week's publication of secret NSA documents showed, the agency operates servers codenamed FoxAcid that exploit software vulnerabilities on targets' computers. By the time those attacks are unleashed, analysts already know a huge amount about the person on the receiving end. Based on thatÃâà...
EFF
October 8, 2013
The NSA has a set of servers on the public Internet with the code name “FoxAcid” used to deploy malware. Once their Quantum servers redirect targets to a specially crafted URL hosted on a FoxAcid server, software on that FoxAcid server selects from a toolkit of exploits in order to gain access to the user'sÃâà...
The Guardian
October 4, 2013
However, if a browser tries to visit a FoxAcid server with a special URL, called a FoxAcid tag, the server attempts to infect that browser, and then the computer, in an effort to take control of it. The NSA can trick browsers into using that URL using a variety of methods, including the race-condition attackÃâà...
