FBI used spying malware to track down terror suspect
Posted on 09.12.2013
Court documents related to a recent FBI investigation have revealed that the agency was permitted to try to compromise a potential terrorist's computer with spying malware in order to discover his identity and location, The Washington Post reports.


The suspect called himself Mo and repeatedly threatened to set up bombs in a number of public facilities across the US. The threats came via email, video chat, and Google Voice (an Internet-based phone service), but Mo used a virtual proxy to prevent the agents from discovering details about his computer and IP address.

Going by the information he revealed about himself, the photos he sent, and the information he entered when registering webmail accounts, the agents believed that he was a 27-year-old Iranian male living in Tehran, but they didn't know for sure. They feared that he could be in the US and, therefore, physically able to execute the attacks.

Defeated by the precautions he took to remain anonymous online, the FBI decided to petition a court for permission to use a piece of malware they have in their arsenal, which would harvest the wanted information and the contents of the suspect's computer and, hopefully, reveal his identity.

The judge approved their request, allowing them to use an “Internet web link” that would result in the download of the malware once the suspect opened his Yahoo email account - apparently without any interaction on his part. Yahoo said they had no knowledge of the attack, and that they haven't participated in it in any way.

According to a note submitted to the court by an agent, the "attack" was partially successful - the malware didn't download, but they managed to get two IP addresses that confirmed the suspect was in Tehran.

Previous court appeals of a similar sort, made in two different cases, were approved once and denied once (for being too intrusive).

It seems obvious that the FBI is using this type of attack very sparingly, but there is no denying that the issue deserves attention and should be discussed publicly, especially as the US Congress has yet to remark on it or approve legislation that would allow it.









COPYRIGHT 1998-2014 BY HELP NET SECURITY.