The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a “poorly designed” and “buggy” piece of malware, according to two sources closely familiar with the matter

Last year, the US government served Yahoo with a secret order, asking the company to search within its users’ emails for some targeted information, as first reported by Reuters this week. It’s still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital “signature” of a “communications method used by a state-sponsored, foreign terrorist organization.” ...

...But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a “rootkit,” a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access. The rootkit-like tool was found by Yahoo’s internal security testing team during one of their checkups, according to a source.

“They assumed it was a rootkit installed by hackers,” an ex-Yahoo employee, who requested anonymity to discuss sensitive issues, told Motherboard. “If it was just a slight modification to the spam and child pornography filters, the security team wouldn't have noticed and freaked out.”