
SoylentNews is people

posted by takyon on Wednesday April 15 2015, @10:20AM
from the surveillance-stick dept.

ArsTechnica reports that Matt Campbell, a North Little Rock attorney who represents police department whistleblowers, supplied an external hard drive to the Fort Smith Police Department for them to copy emails and other evidence. When it was returned, he discovered that it contained three well-known trojan viruses:

According to court documents filed last week in the case, Campbell provided police officials with an external hard drive for them to load with e-mail and other data responding to his discovery request. When he got it back, he found something he didn't request. In a subfolder titled D:\Bales Court Order, a computer security consultant for Campbell allegedly found three well-known trojans, including:

  • Win32:Zbot-AVH[Trj], a password logger and backdoor
  • NSIS:Downloader-CC[Trj], a program that connects to attacker-controlled servers and downloads and installs additional programs, and
  • Two instances of Win32Cycbot-NF[Trj], a backdoor

All three trojans are usually easily detected by antivirus software. In an affidavit filed in the whistle-blower case, Campbell's security consultant said it's unlikely the files were copied to the hard drive by accident, given claims by Fort Smith police that department systems ran real-time AV protection.

"Additionally, the placement of these trojans, all in the same sub-folder and not in the root directory, means that [t]he trojans were not already on the external hard drive that was sent to Mr. Campbell, and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell's computer while also stealing passwords to his accounts."

Will the Fort Smith Police Department be held accountable? Place your bets...

 
  • (Score: 5, Insightful) by q.kontinuum on Wednesday April 15 2015, @11:07AM

    by q.kontinuum (532) on Wednesday April 15 2015, @11:07AM (#170889) Journal

    but I bet they find something to charge the attorney with. Maybe cyber-civil disorder because he didn't install the viruses?

    --
    Registered IRC nick on chat.soylentnews.org: qkontinuum
  • (Score: 4, Insightful) by FatPhil on Wednesday April 15 2015, @11:15AM

    by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Wednesday April 15 2015, @11:15AM (#170894) Homepage
    Damn you're cynical.

    And therefore I think you've got a bloody good chance of being right.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
  • (Score: 2) by Justin Case on Wednesday April 15 2015, @11:28AM

    by Justin Case (4239) on Wednesday April 15 2015, @11:28AM (#170899) Journal

    Don't you suppose those viruses are covered by the DMCA? Does he have a license for them?

    Your honor, we caught him in possession of weapons of mass cyber-terrorism.

  • (Score: 2) by choose another one on Wednesday April 15 2015, @11:54AM

    by choose another one (515) Subscriber Badge on Wednesday April 15 2015, @11:54AM (#170909)

    My guess - Interfering with an investigation.

    Same as the risk if you remove / destroy a bug or gps tracker or similar (or stick the tracker on another car etc.).

    Of course there is a tiny problem in this case - they targeted a lawyer, and they are not supposed to be able to "investigate" stuff that is attorney-client privileged...

    • (Score: 5, Insightful) by tathra on Wednesday April 15 2015, @05:45PM

      by tathra (3367) on Wednesday April 15 2015, @05:45PM (#171078)

      Of course there is a tiny problem in this case - they targeted a lawyer, and they are not supposed to be able to "investigate" stuff that is attorney-client privileged...

      this would be a good time for lawyers to attack parallel construction. [wikipedia.org] the cops don't care that they couldn't use the evidence "legally" because they were simply going to create a 'legitimate' source for the evidence. once they laundered the illegally-obtained evidence such that it could be used to get a warrant, they would then use the warrant to get all the rest of the evidence that they already had so they could use it in the courts.

      the DEA, in their never-ending quest to destroy America and the constitution, has managed to completely destroy any trust that remained in the legal system by consistently using illegal and unconstitutional methods to enforce unconstitutional laws. thanks to their pride and joy, parallel construction, it must be assumed that all evidence was obtained illegally and then laundered, because law enforcement has every incentive to do it and zero reasons not to, and no punishments for it even if they get caught.

      • (Score: 2, Insightful) by Anonymous Coward on Thursday April 16 2015, @12:56AM

        by Anonymous Coward on Thursday April 16 2015, @12:56AM (#171269)

        I'm disappointed that the lawyers didn't load the trojans onto a honeypot system and then use it to access 'bait' privileged information on extensively logged servers. Then they'd have a devastating civil case, and the threat of state or federal criminal charges as leverage.

  • (Score: 2) by c0lo on Wednesday April 15 2015, @02:53PM

    by c0lo (156) Subscriber Badge on Wednesday April 15 2015, @02:53PM (#170981) Journal

    Maybe cyber-civil disorder because he didn't install the viruses?

    Nah, they (the PD) "forgot" to put in the README.1st and the .NFO files, can't accuse the receiver for the breach of protocol.

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford