The FBI created a fake malware-spreading newspaper article to trace a bomb threat | The Verge

In 2007, the FBI was tracking down a series of bomb threats against Timberline High School, originating from an anonymous MySpace page. To break through that anonymity, agents had to get creative — but new documents suggest that in catching the culprit, the FBI may have committed a crime of its own…

Documents uncovered by the Electronic Frontier Foundation show that the FBI created a fake web page designed to look like a Seattle Times article, and used the page to spread tracking malware onto the suspect’s computer. “Not only does that cross a line, it erases it,” said a Times editor. The Associated Press echoed the concern, saying, “this ploy violated AP’s name and undermined AP’s credibility.”

Called CIPAV, the FBI’s spyware tool is designed to harvest a computer’s IP address, MAC address, and most recent session login — effectively identifying the person who visited the page. In this case, agents sent a message to the suspect’s MySpace page, containing a link to the dummy article. Once the suspect clicked on the link, the page covertly uploaded CIPAV to the suspect’s computer, leading agents back to the person running the page. But there’s still a lot of secrecy surrounding the CIPAV tool, particularly the bureau’s protocols for deploying the spyware. Those are some pretty sneaky tactics for the “white hats.”
