Inside an Amateur Bugging Device

[Mitch] got interested in the S8 “data line locator” so he did the work to tear into its hardware and software. If you haven’t seen these, they appear to be a USB cable. However, inside the USB plug is a small GSM radio that allows you to query the device for its location, listen on a tiny microphone, or even have it call you back when it hears something. The idea is that you plug the cable into your car charger and a thief would never know it was a tracking device. Of course, you can probably think of less savory uses despite the warning on Banggood:

Please strictly abide by the relevant laws of the state, shall not be used for any illegal use of this product, the consequences of the use of self conceit.

We aren’t sure what the last part means, but we are pretty sure people can and will use these for no good, so it is interesting to see what they contain.

Continue reading “Inside an Amateur Bugging Device”

Eavesdropping With An ESP8266

In the old days, spies eavesdropped on each other using analog radio bugs. These days, everything’s in the cloud. [Sebastian] from [Hacking Beaver]  wondered if he could make a WiFi bug that was small and cheap besides. Enter the ESP8266 and some programming wizardry.

[Sebastian] is using a NodeMCU but suggests that it could be pared down to any ESP8266 board — with similar cuts made to the rest of the electronics — but has this working as a proof of concept. A PIC 18 MCU samples the audio data from a microphone at 10 kHz with an 8-bit resolution, dumping it into a 512-byte buffer. Once that fills, a GPIO pin is pulled down and the ESP8266 sends the data to a waiting TCP server over the WiFi which either records or plays the audio in real-time.

[Sebastian] has calculated that he needs at least 51.2 ms to transfer the data which this setup easily handles, but there are occasional two to three second glitches that come out of the blue. To address this and other hangups, [Sebastian] has the ESP8266 control the PIC’s reset pin so that the two are always in sync.

Continue reading “Eavesdropping With An ESP8266”

Books You Should Read: The Cuckoo’s Egg

 

The mid-1980s were a time of drastic change. In the United States, the Reagan era was winding down, the Cold War was heating up, and the IBM PC was the newest of newnesses. The comparatively few wires stitching together the larger university research centers around the world pulsed with a new heartbeat — the Internet Protocol (IP) — and while the World Wide Web was still a decade or so away, The Internet was a real place for a growing number of computer-savvy explorers and adventurers, ready to set sail on the virtual sea to explore and exploit this new frontier.

In 1986, having recently lost his research grant, astronomer Clifford Stoll was made a computer system admin with the wave of a hand by the management of Lawrence Berkeley Laboratory’s physics department. Commanded to go forth and administer, Stoll dove into what appeared to be a simple task for his first day on the job: investigating a 75-cent error in the computer account time charges. Little did he know that this six-bit overcharge would take over his life for the next six months and have this self-proclaimed Berkeley hippie rubbing shoulders with the FBI, the CIA, the NSA, and the German Bundeskriminalamt, all in pursuit of the source: a nest of black-hat hackers and a tangled web of international espionage.

Continue reading “Books You Should Read: The Cuckoo’s Egg”

Spy Tech: Nonlinear Junction Detectors

If you ever watch a spy movie, you’ve doubtlessly seen some nameless tech character sweep a room for bugs using some kind of detector and either declare it clean or find the hidden microphone in the lamp. Of course, as a hacker, you have to start thinking about how that would work. If you had a bug that transmits all the time, that’s easy. The lamp probably shouldn’t be emitting RF energy all the time, so that’s easy to detect and a dead give away. But what if the bug were more sophisticated? Maybe it wakes up every hour and beams its data home. Or perhaps it records to memory and doesn’t transmit anything. What then?

High-end bug detectors have another technique they use that claims to be able to find active device junctions. These are called Nonlinear Junction Detectors (NLJD). Spy agencies in the United States, Russian and China have been known to use them and prisons employ them to find cell phones. Their claim to fame is the device doesn’t have to be turned on for detection to occur. You can see a video of a commercial NLJD, below

Continue reading “Spy Tech: Nonlinear Junction Detectors”

Radio MDZhB

If you have a shortwave receiver, tune it to 4625 kHz. You’ll hear something that on the surface sounds strange, but the reality is even stranger still. According to the BBC, the radio station broadcasts from two locations inside Russia — and has since 1982 — but no one claims ownership of the station, known as MDZhB. According to the BBC:

[For 35 years, MDZhB] has been broadcasting a dull, monotonous tone. Every few seconds it’s joined by a second sound, like some ghostly ship sounding its foghorn. Then the drone continues.
Once or twice a week, a man or woman will read out some words in Russian, such as “dinghy” or “farming specialist”. And that’s it.

If you don’t have a shortwave handy, you can always try one of the many web-based software defined radios. Search for 4.6 MHz, and pick a location that should have propagation to Russia and you are all set.

Continue reading “Radio MDZhB”

Number Twitters

Grab a shortwave radio, go up on your roof at night, turn on the radio, and if the ionosphere is just right, you’ll be able to tune into some very, very strange radio stations. Some of these stations are just a voice — usually a woman’s voice — simply counting. Some are Morse code. All of them are completely unintelligible unless you have a secret code book. These are number stations, or radio stations nobody knows much about, but everyone agrees they’re used to pass messages from intelligence agencies to spies in the field.

A few years ago, we took a look at number stations, their history, and the efforts of people who document and record these mysterious messages used for unknown purposes. These number stations exist for a particular reason: if you’re a spy, you would much rather get caught with an ordinary radio instead of a fancy encryption machine. Passing code through intermediaries or dead drops presents a liability. The solution to both these problems lies in broadcasting messages in code, allowing anyone to receive them. Only the spy who holds a code book — or in the case of the Cuban Five, software designed to decrypt messages from number stations — can decipher the code.

Number stations are a hack, of sorts, of the entire concept of broadcasting. For all but a few, these number stations broadcast complete gibberish. Only to the person holding the code book or the decryption software do these number stations mean anything. However, since the first number stations went on the air over one hundred years ago, broadcasting has changed dramatically. We now have the Internet, and although most web services cannot be considered a one-to-many distribution as how broadcasting is defined, Twitter can. Are there number stations on Twitter? There sure are. Are they used by spies or agents of governments around the world? That’s a little harder to say.

Continue reading “Number Twitters”

Run Your Own Numbers Station

Numbers stations are shortwave stations that broadcast cryptic messages that are widely assumed to be used for communications between nation states and spies. But who’s to say it’s up to the government to have all the fun? If you’ve always dreamed of running your own spy ring, you’ll need a way to talk to them too. Start with this guide on how to run your own numbers station.

The requirements are simple – you just need random numbers, one time pads for each recipient (available from our store!) and a way to send the audio – ideally a powerful shortwave transmitter, but for an intelligence agency on a budget, online streaming will work. Then you’re ready to send your message. [Jake Zielke] shares techniques on how to easily encode a message into numbers for transmission, and how to encrypt them with one time pad techniques. Done properly, this is an unbreakable form of encryption. [Jake] then rounds out the guide with tips on how to format your station’s transmissions to address multiple secret agents effectively.

It’s a great way to get started in the world of spooky secret radio communications. All the tools needed to get started are available on the page, so you’ll be up and running in no time. Meanwhile, why not do a little more research on the history of numbers stations?