Browse Definitions:
Definition

Smurf Suite

Contributor(s): Matthew Haughn

The Smurf Suite is a collection of smartphone hacking and spyware tools that can remotely activate iPhones and Android devices and collect user data through eavesdropping and data access. According to the iPhone toolkit’s documentation, it can enable access to “SMS, MMS, e-mails, web history, call records, videos, photos, address book, notes and calendar” data.

How the Smurf Suite tool set works:

  • Dreamy Smurf handles power management, activating the target phone by sending an encrypted SMS message that is undetectable to the user.  According to security experts, the phone is probably outfitted with software that shifts it to low-power mode instead of turning off, which allows remote communications.
  • Nosey Smurf turns on the device’s microphone; the hot mic enables eavesdropping even when the user thinks the device is powered off.
  • Tracker Smurf activates GPS to enable more precise geolocation than is possible with cell tower triangulation.
  • Paranoid Smurf hides all traces of the Smurf Suite so the malware cannot be detected by the user or a third party.
  • Porus is a rootkit that enables administrative control.

The Smurf Suite was developed collaboratively by the United States National Security Agency (NSA), the British Government Communications Headquarters (GCHQ) and Communications Security Establishment Canada (CSES). In development, the malware tool kit was known as Warrior Pride. The suite was brought to the public’s attention in 2013 with Edward Snowden’s disclosure of classified information about government surveillance of citizens.

In this BBC interview, Edward Snowden explains how government agencies hack into smartphones without the user’s knowledge:

This was last updated in June 2016

Continue Reading About Smurf Suite

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Nice to know. Just another reason I do not own a smart phone. I'll keep my old flip phone !.
Cancel

-ADS BY GOOGLE

Extensions de fichiers et formats de fichiers

Motorisé par:

SearchCompliance

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • incident management plan (IMP)

    An incident management plan (IMP), sometimes called an incident response plan or emergency management plan, is a document that ...

  • crisis communication

    Crisis communication is a method of corresponding with people and organizations during a disruptive event to provide them with ...

  • Zerto

    Zerto is a storage software vendor that specializes in enterprise-class business continuity and disaster recovery in virtual and ...

SearchStorage

  • network-attached storage (NAS)

    Network-attached storage (NAS) is dedicated file storage that enables multiple users and heterogeneous client devices to retrieve...

  • SSD write cycle

    An SSD write cycle is the process of programming data to a NAND flash memory chip in a solid-state storage device.

  • data storage

    Data storage is the collective methods and technologies that capture and retain digital information on electromagnetic, optical ...

Close