The FBI custom-designs malware to snare suspects and has been able “for years” to watch suspects through PC webcams – without turning on the light to warn the victim the camera is active, a court has heard.
The Washington Post reported that the decision to use such malware was taken on a case-by-case basis – and the software was “custom built” to catch individuals. The information was revealed by a search warrant requested by the FBI, searching for a suspect known only as “Mo”, who had allegedly delivered bomb threats.
In the case of “Mo”, the FBI designed malware which would install itself on any computer where he accessed his Yahoo Mail address, to gather location information on the suspect.
The New York Post said that Mo had eluded the FBI by using encrypted phone services, and claimed that, “Mo even sent the FBI pictures of himself fashionably decked out in an Iranian military uniform.” The court papers revealed that the FBI “works much like other hackers”, the Post’s report said, delivering malware via phishing emails.
The case was widely reported in the technology press. Neowin quoted Marcus Thomas, former assistant director of the FBI’s Operational Technology Division, who revealed the detail regarding webcam malware – pointing out that this technology is “mainly” used to investigate terrorists or the “most serious” criminals.
The Verge points out, however, that the malware “never actually executed as designed”, and the suspect remains at large. “Despite fears of a Big Brother police state, the FBI’s hacking team is nowhere near all-knowing.”
Malware allowing access to webcams and remote control of them is widely used by cybercriminals – some of whom rent out access to infected computers, as reported by We Live Security.
ESET researcher Stephen Cobb offers a video demonstration of the capabilities of such “remote access tools” in a blog post, saying, “How serious can a malicious software infection be these days? Short answer = Very. The video below is a 16 minute answer to that question using pictures of what a malware infection looks like to the bad guy who manages to get a RAT installed on a victim machine. That’s R.A.T. for Remote Access Tool which is one of the most popular categories of ‘crimeware’ being deployed by cybercriminals today.”
Author Rob Waugh, We Live Security