FBI used spying malware to track down terror suspect
Posted on 09.12.2013
Court documents related to a recent FBI investigation have revealed that the agency has been permitted to try to compromise with spying malware the computer of a potential terrorist in order to discover his identity and location, The Washington Post reports.


The suspect called himself Mo, and has repeatedly threatened to set up bombs in a number of public facilities across the US. The threats came via email, video chat, and Google Voice (Internet-based phone service), but Mo used a virtual proxy to prevent the agents to discover details about his computer and IP address.

Going by the information he revealed about himself, the photos he sent, and the information he entered when registering webmail accounts, the agents believed that he was a 27-year-old Iranian male living in Tehran, but they didn't know for sure. They feared that he could be in the US and, therefore, physically able to execute the attacks.

Defeated by the precautions he took to remain anonymous online, the FBI decided to petition a court for permission to use a piece of malware they have in their arsenal, which would harvest the wanted information and the contents of the suspect's computer and, hopefully, reveal his identity.

The judge approved their request, allowing them to use an “Internet web link” that would result in the download of the malware once the suspect opened his Yahoo email account - apparently without any interaction on his part. Yahoo said they had no knowledge of the attack, and that they haven't participated in any was in it.

According to a note submitted to the court by an agent, the "attack" was partially successful - the malware didn't download, but they managed to get two IP addresses that confirmed the suspect was in Tehran.

Previous court appeals of a similar sort in two different cases were once approved and once denied (for being too intrusive).

It seems obvious that the FBI is using this type of attacks very sparingly, but there is no denying that the issue deserves attention and should be discussed publicly, especially as the US Congress has yet to remark on it or approve legislation that would allow it.









Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //