Lawyer claims police placed malware on requested external hard drive

A lawyer in Arkansas is claiming that police planted three different pieces of malware on an external hard drive in a controversial whistleblower case against the police force, reports 5 News Online.

North Little Rock attorney Matthew Campbell was allegedly sent the contentious hard drive by Fort Smith Police Department, after a discovery demand filed in the case, which was brought about by three current or former police officers under the state’s Whistle-Blower Act. The case relates to the alleged illegal investigation of officers reporting wrongful termination and overtime pay practices in the department.

However, court documents filed last week revealed Campbell’s claims that alongside email and data requested, three pieces of distinct malware were also present, in a subfolder labeled ‘D:\Bales Court Order’. Ars Technica reveals them to be Win32:Zbot-AVH[Trj] (a password logger and backdoor), NSIS:Downloader-CC[Trj] (a program to connect back to attackers’ servers) and two instances of Win32Cycbot-NF[Trj] (a backdoor).

Speaking to Arkansas Online, Campbell said of the malware, “One would have kept my Internet active even if I tried to turn it off, one would have stolen any passwords that I entered in, and the other would have allowed the installation of other malicious software.”

“It’s not like these are my only clients, either. I’ve got all my client files in my computer. I don’t know what they were looking for, but just the fact that they would do it is pretty scary.”

In a signed affidavit from Campbell’s security consultant Geoff Mueller stated, “Upon informing Mr. Campbell of the presence of these Trojans, he provided me with information that the Fort Smith Police Department claimed to be running a secure system with real-time virus and malware protection. In my experience, if the FSPD system is actually as described, these Trojans would not exist on the system.”

“Additionally, the placement of these trojans, all in the same sub-folder and not in the root directory, means that [t]he trojans were not already on the external hard drive that was sent to Mr. Campbell, and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell’s computer while also stealing passwords to his accounts,” he added.

When asked for comment by Arkansas Online, Police Chief Kevin D Lindsey said, “We’re going to let the courts speak on that when the time comes. We’ll let the courts get this worked out and let the disposition speak for itself.”

Author , ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.