The case of the Trojan Wookiee
Aaron Caffrey walked free from Southwark Crown Court last week after being cleared of launching a DDoS attack on one of the busiest ports on the US, even though both the prosecution and defence agreed that Caffrey's machine was responsible for launching the attack. He had a list of 11,608 IP addresses of vulnerable servers on his hard drive, and there was a 'suspicious' script on his system, which was signed by someone called Aaron, but he was found not guilty by a jury.
This is not the first time a Trojan horse has been used to explain illegal activity. In two recent cases, defendants were acquitted of child pornography-related offences by arguing that images found on their computers were placed there by hackers using Trojan horse programs.
In Caffrey's case, a Trojan horse was never discovered, but the defence counsel argued that a Trojan armed with a 'wiping tool' was responsible, giving control of the computer to an attacker who launched the DDoS attack, edited the system's log files and then deleted all traces of the Trojan.
[ Read more ]