Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Data Security / FBI Appears To Be Using Hacker Tactics
FBI Appears To Be Employing Hacker Tactics
FBI Appears To Be Employing Hacker Tactics
By Seth Fitzgerald / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Malicious software has reportedly been spotted in the wild that exploits a Firefox security vulnerability to determine the identity of users accessing Web sites using anonymizing services such as Tor.

Tor (The Onion Router) software, installed on Web servers to provide anonymity, has been known to passively facilitate illegal behavior -- but some security researchers believe the FBI may have found a way around those security settings. The researchers have been looking at recent uses of the malware and have discovered that it sends information to an IP address in Reston, Va.

"It seems unlikely that the malware was written by criminals as the information it is sending back to its masters is of little use to anyone other than law enforcement agencies," Alan Woodward, chief technology officer at security advisory company Charteris, told the BBC.

Using Hacker Tactics

Security engineer Vlad Tsrklevich told ZDNet "it's pretty clear that it's the FBI or it's some other law enforcement agency that's U.S.-based." Although this assumption is based on the Reston server's location, the FBI has come under scrutiny for its cyber investigative practices for years.

A number of audits in the past decade have brought up questions regarding the legality of some of the FBI's tactics. In particular, an audit by the Department of Justice earlier this year revealed that many of the investigative cyber tools available to the FBI were being mismanaged and used for spying.

CIPAV (computer and Internet Protocol address verifier), a tool meant to analyze anonymous Web traffic, has allowed the FBI and other law enforcement agencies to gather information and then determine who was accessing specific Web sites. Although the tool has primarily been used against hackers, predators, and other criminal suspects, the American Civil Liberties Union and Electronic Frontier Foundation have raised concerns that CIPAV and other such technologies could be abused.

A number of tools that facilitate these investigative techniques reportedly have been sold to the FBI in the past couple of years. Companies such as HackingTeam SRL and Gamma International have not disclosed their customers, but it is suspected that they have worked with the FBI, according to former U.S. officials speaking with The Wall Street Journal.

The Discovery

Many hidden Web sites using Tor suddenly went offline over the weekend, according to one of Tor's administrators. The hosting provider behind these Web sites, Freedom Hosting, has been used by traffickers in child pornography.

The Web sites seem to be connected to an FBI case that resulted in the arrest of an Irish man whom the FBI has called "the largest facilitator of child porn on the planet."

The Onion Router quickly tried to distance itself from the case as much as possible and assured members of the press that the organization is not connected to Freedom Hosting.

Since this is the first time that researches have been able to see what appears to be the CIPAV code itself, anti-virus programs may be able to provide updates that block the code from infecting computers in the future.

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Networking giant Cisco has introduced a new line of firewalls designed for businesses that perform high volumes of sensitive transactions, such as those in banking and retail.

© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.