BlackShades malware bust ends in nearly 100 arrests worldwide

CNET reports: Law enforcement officials from 19 countries joined forces over the last two days to take down nearly 100 alleged hackers. These purported hackers were said to be creating, selling, and using what the FBI calls a “particularly insidious” computer malware known as BlackShades.

Over the course of the operation, officials searched 359 houses and confiscated more than 1,100 data storage devices, such as computers, laptops, cell phones, routers, external hard drives, and USB memory sticks. Law enforcement also seized “substantial quantities” of cash, illegal firearms, and drugs, according to the European Union’s law enforcement agency Europol.

BlackShades is a type of malicious software that acts as a Remote Access Tool, or RAT — letting users remotely control a victim’s computer. Once a hacker installs BlackShades onto a victim’s computer, they can see anything on the computer, such as documents, photographs, passwords, banking credentials, and more. They can also deny access to files, record victims’ keystrokes, and activate the computer’s webcam.

One case of BlackShades use documented by Europol involved an 18-year-old man from the Netherlands who allegedly infected roughly 2,000 computers to take photos of women and girls who were using the machines.

Since 2010, BlackShades has been distributed and sold to thousands of people worldwide in more than 100 countries and used to infect more than half a million computers, according to the FBI. Certain versions of the malware can be bought for as little as $40. [Continue reading...]


Israel’s aggressive spying in the U.S. mostly hushed up

Jeff Stein reports: When White House national security advisor Susan Rice’s security detail cleared her Jerusalem hotel suite for bugs and intruders Tuesday night, they might’ve had in mind a surprise visitor to Vice President Al Gore’s room 16 years ago this week: a spy in an air duct.

According to a senior former U.S. intelligence operative, a Secret Service agent who was enjoying a moment of solitude in Gore’s bathroom before the Veep arrived heard a metallic scraping sound. “The Secret Service had secured [Gore’s] room in advance and they all left except for one agent, who decided to take a long, slow time on the pot,” the operative recalled for Newsweek. “So the room was all quiet, he was just meditating on his toes, and he hears a noise in the vent. And he sees the vent clips being moved from the inside. And then he sees a guy starting to exit the vent into the room.”

Did the agent scramble for his gun? No, the former operative said with a chuckle. “He kind of coughed and the guy went back into the vents.”

To some, the incident stands as an apt metaphor for the behind-closed-doors relations between Israel and America, “frenemies” even in the best of times. The brazen air-duct caper “crossed the line” of acceptable behavior between friendly intelligence services – but because it was done by Israel, it was quickly hushed up by U.S. officials.

Despite strident denials this week by Israeli officials, Israel has been caught carrying out aggressive espionage operations against American targets for decades, according to U.S. intelligence officials and congressional sources. And they still do it. They just don’t get arrested very often. [Continue reading...]


FBI keeps internet flaws secret to defend against hackers

Bloomberg reports: The Obama administration is letting law enforcement keep computer-security flaws secret in order to further U.S. investigations of cyberspies and hackers.

The White House has carved out an exception for the Federal Bureau of Investigation and other agencies to keep information about software vulnerabilities from manufacturers and the public. Until now, most debate has focused on how the National Security Agency stockpiles and uses new-found Internet weaknesses, known as zero-day exploits, for offensive purposes, such as attacking the networks of adversaries.

The law enforcement operations expose a delicate and complicated balancing act when it comes to agencies using serious security flaws in investigations versus disclosing them to protect all Internet users, according to former government officials and privacy advocates. [Continue reading...]


FBI abruptly walks out on Senate briefing after being asked how ‘insider threat’ program avoids whistleblowers

Mike Masnick writes: While we’ve been disappointed that Senator Chuck Grassley appears to have a bit of a double standard with his staunch support for whistleblowers when it comes to Ed Snowden, it is true that he has fought for real whistleblower protections for quite some time. Lately, he’s been quite concerned that the White House’s “Insider Threat Program” (ITP) is really just a cover to crack down on whistleblowers. As we’ve noted, despite early promises from the Obama administration to support and protect whistleblowers, the administration has led the largest crackdown against whistleblowers, and the ITP suggests that the attack on whistleblowers is a calculated response. The program documentation argues that any leak can be seen as “aiding the enemy” and encourages government employees to snitch on each other if they appear too concerned about government wrong-doing. Despite all his high minded talk of supporting whistleblowers, President Obama has used the Espionage Act against whistleblowers twice as many times as all other Presidents combined. Also, he has never — not once — praised someone for blowing the whistle in the federal government.

Given all of that, Senator Grassley expressed some concern about this Insider Threat Program and how it distinguished whistleblowers from actual threats. He asked the FBI for copies of its training manual on the program, which it refused to give him. Instead, it said it could better answer any questions at a hearing. However, as Grassley explains, when questioned about this just 10 minutes into the hearing, the FBI abruptly got up and left: [Continue reading...]


Defense: FBI wanted marathon suspect as informant

The Associated Press reports: Lawyers for Boston Marathon bombing suspect Dzhokhar Tsarnaev say the FBI asked his older brother and fellow suspect to be an informant on the Chechen and Muslim community.

In court filings Friday, the defense asked a judge to order federal prosecutors to turn over any evidence on brother Tamerlan Tsarnaev, arguing that it could help persuade a jury to spare Dzhokhar Tsarnaev the death penalty if it supports the defense theory Tamerlan was the “main instigator” of the deadly bombing.

Dzhokhar’s lawyers say they want records of all FBI contact with Tamerlan based on information from the Tsarnaev family and others that the FBI “questioned Tamerlan about his Internet searches, and asked him to be an informant, reporting on the Chechen and Muslim community.”

The defense notes that a report issued earlier this week by the House Homeland Security Committee suggests that government agents monitored Tamerlan and his communications during 2011 and possibly 2012. The report said the FBI Joint Terrorism Task Force conducted a threat assessment of Tamerlan, an ethnic Chechen from southern Russia, in response to a 2011 alert from the Russian government that he was becoming radicalized.

Dzhokhar’s lawyers wrote: “Any surveillance, evidence, or interviews showing that Tamerlan’s pursuit of jihad predated Dzhokhar’s would tend to support the theory that Tamerlan was the main instigator of the tragic events that followed.” [Continue reading...]


Why did the FBI label Ryan Shapiro’s dissertation on animal rights a threat to national security?


FBI ordered to justify shielding of records sought about alleged sniper plot targeting ‘Occupy’ leaders

The Wall Street Journal reports: A federal judge has ordered the Federal Bureau of Investigation to give her a better explanation for its refusal to turn over information to a student researching an alleged plot to assassinate “Occupy” protest leaders in Houston.

The ruling stems from a lawsuit brought by a Massachusetts Institute of Technology graduate student who is seeking records from the FBI related to a Houston spin-off of the 2011 Occupy Wall Street protests and an alleged sniper plot. The student claims that the heavily redacted responses he got back from the government violated the Freedom of Information Act.

Information about the alleged plot first surfaced in FBI documents — released through a prior FOIA request by a civil-rights legal organization in Washington – that referenced a “plan to kill the leadership via suppressed sniper rifles,” according to court documents. It’s not known who was behind the alleged plot or whether the FBI investigated it.

In a ruling last week, Judge Rosemary M. Collyer of the U.S. District Court for the District of Columbia ordered the FBI to explain with more detail why it claims that certain information requested by the student, Ryan Noah Shapiro, is exempted under FOIA.

The law governing the public’s access to records allows the FBI to shield “information compiled for law enforcement purposes” if disclosure would interfere with an investigation, endanger life or cause other types of harm.

That exemption was repeatedly cited by FBI FOIA chief David Hardy in a filing to the court in support of an FBI motion to dismiss Mr. Shapiro’s lawsuit. Some information was redacted, according to Mr. Hardy’s filing, because it involved information shared with local law enforcement agencies related to an investigation of “potential criminal activity by protestors involved with the ‘Occupy’ movement in Houston.” He stated that the potential crimes included “domestic terrorism” and “advocating overthrow of government.”

Judge Collyer said that justification wasn’t sufficient. [Continue reading...]


Syrian Electronic Army ‘leak’ of Microsoft billing promotes its own agenda

Is Bashar al-Assad a defender of human rights? Does the Syrian Electronic Army respect free speech? No and no. But do either have an interest in exploiting the widespread fears of government surveillance? You bet!

If the leaking of Microsoft documents revealing the charges it makes for complying with FBI requests serves the public interest (which it probably does), no one should conclude on that basis that the Syrian Electronic Army, having facilitated this leak, had any interests in mind other than its own and those of the government it supports.

Daily Dot reports: Microsoft often charges the FBI’s most secretive division hundreds of thousands of dollars a month to legally view customer information, according to documents allegedly hacked by the Syrian Electronic Army.

The SEA, a hacker group loyal to Syrian President Bashar al-Assad, is best known for hijacking Western media companies’ social media accounts. (These companies include the Associated Press, CNN, NPR, and even the Daily Dot.) The SEA agreed to let the Daily Dot analyze the documents with experts before the group published them in full.

The documents consist of what appear to be invoices and emails between Microsoft’s Global Criminal Compliance team and the FBI’s Digital Intercept Technology Unit (DITU), and purport to show exactly how much money Microsoft charges DITU, in terms of compliance costs, when DITU provides warrants and court orders for customers’ data.

In December 2012, for instance, Microsoft emailed DITU a PDF invoice for $145,100, broken down to $100 per request for information, the documents appear to show. In August 2013, Microsoft allegedly emailed a similar invoice, this time for $352,200, at a rate of $200 per request. The latest invoice provided, from November 2013, is for $281,000.

None of the technologists or lawyers consulted for this story thought that Microsoft would be in the wrong to charge the FBI for compliance, especially considering it’s well within the company’s legal right to charge “reasonable expenses.” Instead, they said, the documents are more of an indication of just how frequently the government wants information on customers. Some of the DITU invoices show hundreds of requests per month.

For ACLU Principal Technologist Christopher Soghoian, the documents reiterated his stance that charging a small fee is a positive, in part because it creates more of a record of government tracking. In 2010, Soghoian actually chided Microsoft for not charging the Drug Enforcement Agency for turning over user records when instructed to by courts, noting that companies like Google and Yahoo did.

Nate Cardozo, a staff attorney for the Electronic Frontier Foundation, agreed, and told the Daily Dot the government should be transparent about how much it pays. [Continue reading...]


When it’s hard to catch terrorists or crooks, it’s easier to create them

Mike Masnick writes: For years now, we’ve been writing about the FBI’s now popular practice of devising its own totally bogus “terrorist plots” and then convincing some hapless individual to join the “plot” only to later arrest them to great fanfare, despite the fact that everyone (other than the arrested person) involved was actually an FBI agent, and there was no actual danger or real plot (or real terrorists) involved. In fact, we just had yet another such story. We’ve written about similar occurrences over and over and over and over and over and over and over and over and over and over and over again — and, depressingly, it seems that courts repeatedly uphold this practice as not being entrapment. Many have been questioning why the FBI is spending so much time and money creating fake terrorist plots that don’t seem to protect anyone (but do give the FBI/DOJ lots of big headlines about “stopping terrorism!”), but the courts have basically let it go.

However, it finally appears that one judge thinks these kinds of things go too far — and it happens to be Judge Otis Wright, whose name you may recall from being the first judge to really slap down Prenda law for its obnoxious copyright trolling practices. Reader Frankz alerts us to the news Wright has dismissed a case involving the Bureau of Alcohol Tobacco and Firearms (ATF) for a similar “made up crime” and completely trashed the government for doing these kinds of things. As with his order in the Prenda case, I urge you to read his full dismissal which is granted for “outrageous government conduct.” Judge Wright, it appears, is not one to hide his opinions about those who abuse the legal system. The ruling kicks off with a hint of where this is heading:

“‘Lead us not into temptation,’” Judge Noonan warned. United States v. Black, 733 F.3d 294, 313 (Noonan, J., dissenting). But into temptation the Government has gone, ensnaring chronically unemployed individuals from poverty-ridden areas in its fake drug stash-house robberies. While undoubtedly a valid law-enforcement tool when employed to target or prevent demonstrated criminal enterprises, reverse stings offend the United States Constitution when used solely to obtain convictions.

This case didn’t involve “terrorism” like the FBI cases, but rather a similar “reverse sting” in which an ATF agent pretends to be a cocaine courier, tells some dupes about a “stash house” he knows about and then pushes them to rob the house. [Continue reading...]


Listen: Dead men tell no tales

This American Life: Last May, a weird story made the news: the FBI killed a guy in Florida who was loosely linked to the Boston Marathon bombings. He was shot seven times in his living room by a federal agent. What really happened? Why was the FBI even in that room with him? A reporter spent six months looking into it, and she found that the FBI was doing a bunch of things that never made the news.

This story was reported by Susan Zalkind in a collaboration with Boston Magazine. Check out Susan’s print story for more about the murders in Waltham, MA, and the investigation into Ibragim Todashev.


The murders before the Boston Marathon

Susan Zalkind writes: It’s nearly midnight in a nondescript condo complex a few blocks from Universal Studios in Orlando, and Tatiana Gruzdeva has been crying all day. Though neither of us knows it yet, as she sits on the corner of her bed and sobs in tiny convulsions, the fact that she’s talking to me will lead to her being arrested by federal agents, placed in solitary confinement, and deported back to Russia.

Next to us on the bed are nine teddy bears. Eight of them came with her from Tiraspol, Moldova. The ninth was a gift from her boyfriend, Ibragim Todashev. Today would have been Ibragim’s 28th birthday, but he is not here to see it, because in the early hours of May 22, 2013, a Boston FBI agent shot and killed him in this very apartment, under circumstances so strange that a Florida state prosecutor has opened an independent investigation. According to the FBI, just before Ibragim was shot—seven times, in two bursts, including once in the top of the head—he was about to write a confession implicating himself and alleged Boston Marathon bomber Tamerlan Tsarnaev in a brutal triple homicide that took place in Waltham, Massachusetts, in September 2011.

I’m sitting awkwardly at one end of the twin bed. She’s crying quietly, cross-legged at the other end, wearing shorts and a white shirt with sequins. Most of her outfits have sequins or rhinestones. She’s 19. I’m 26. We both have long blond hair. We’ve both been close to men who were in trouble with the law, and lost them violently. We’ve been talking for about an hour, mostly about men, and parties, and moving forward after a tragedy. Ibragim was a good man, she says. He could never have committed a murder.

“I’m here alone,” she cries. “I hope it never can be worse than this.”

I try to comfort her, but it’s complicated. We both want to know why Ibragim Todashev was killed. She wants to clear his name. For me, and for the families of the Waltham murder victims, Ibragim’s shooting may have snuffed out the last chance at finding out what really happened that night. In the back of my mind is this question: Did her dead boyfriend kill my friend Erik? [Continue reading...]


Mole who met Bin Laden killed by Al Qaeda in Bosnia

NBC News reports: An FBI mole who provided valuable intelligence on al Qaeda and met with Osama bin Laden was lured away from the FBI to work for the CIA, but was killed by al Qaeda operatives in Bosnia who suspected he was an informant, NBC News has learned exclusively.

The informant, a Sudan-born driver and confidante to “Blind Sheikh” Omar Abdel-Rahman, the radical Muslim cleric who allegedly masterminded the first attempt to take down the World Trade Center, had been the sole human asset providing first-person information about al Qaeda in the mid-1990s as the terror group gained strength around the globe.

According to sources familiar with the management of the mole, the FBI recruited him in 1993 because he was a known associate of the Blind Sheikh. [Continue reading...]


White House considers four options for modifying NSA mass phone surveillance

The Wall Street Journal reports that administration lawyers have presented the White House with four options for reforming the NSA’s mass phone-surveillance program, the first of which would require phone companies to store such data and deliver specific search requests.

A second option presented to the White House would have a government agency other than the NSA hold the data, according to a U.S. official. Candidates for this option could include the Federal Bureau of Investigation, which some current and former intelligence officials have recommended.

Another possibility floated in policy circles was turning the program over to the custody of the Foreign Intelligence Surveillance Court, which oversees the phone-data and other NSA surveillance programs, but judges have balked at an expanded role for the court.

A third option would be for an entity outside the phone companies or the government to hold the data, officials said. This approach has been criticized by privacy groups who say such a third party would just become an extension of the NSA and would provide no additional privacy benefit.

A final alternative would be to scrap the phone-data program and instead bolster investigative efforts under current authorities to obtain the information about possible terrorist connections some other way, an official said. Mr. Obama acknowledged this approach in his January speech, but said “more work needs to be done to determine exactly how this system might work.”


FBI had human source in contact with bin Laden as far back as 1993

The Washington Times reports: In a revelation missing from the official investigations of the Sept. 11, 2001, terrorist attacks, the FBI placed a human source in direct contact with Osama bin Laden in 1993 and ascertained that the al Qaeda leader was looking to finance terrorist attacks in the United States, according to court testimony in a little-noticed employment dispute case.

The information the FBI gleaned back then was so specific that it helped thwart a terrorist plot against a Masonic lodge in Los Angeles, the court records reviewed by The Washington Times show.

“It was the only source I know in the bureau where we had a source right in al Qaeda, directly involved,” Edward J. Curran, a former top official in the FBI’s Los Angeles office, told the court in support of a discrimination lawsuit filed against the bureau by his former agent Bassem Youssef.

Mr. Curran gave the testimony in 2010 to an essentially empty courtroom, and thus it escaped notice from the media or terrorism specialists. The Times was recently alerted to the existence of the testimony while working on a broader report about al Qaeda’s origins.

Members of the Sept. 11 commission, congressional intelligence committees and terrorism analysts told The Times they are floored that the information is just now emerging publicly and that it raises questions about what else Americans might not have been told about the origins of al Qaeda and its early interest in attacking the United States.

“I think it raises a lot of questions about why that information didn’t become public and why the 9/11 Commission or the congressional intelligence committees weren’t told about it,” said former Rep. Peter Hoekstra, Michigan Republican, who chaired the House Permanent Select Committee on Intelligence from 2004 through 2007 when lawmakers dealt with the fallout from the 9/11 Commission’s official report.

“This is just one more of these examples that will go into the conspiracy theorists’ notebooks, who say the authorities are not telling us everything,” Mr. Hoekstra told The Times in an interview last week. “That’s bad for the intelligence community. It’s bad for law enforcement and it’s bad for government.”

Former Rep. Lee Hamilton, an Indiana Democrat who co-chaired the 9/11 Commission with former New Jersey Gov. Thomas Kean, said that as far as he can remember, the FBI never told the commission that it had been working a source so close to bin Laden that many years before 9/11.

“I do not recall the FBI advising us of a direct contact with Osama bin Laden,” Mr. Hamilton told The Times in a recent interview. [Continue reading...]


A threat to the U.S. power grid?

An attack on a California power station last year “appears to be preparation for an act of war,” according to a senior technical executive for the Electric Power Research Institute, the Wall Street Journal reports.

After the attack, Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission at the time, flew to California accompanied by experts from the U.S. Navy’s Dahlgren Surface Warfare Center in Virginia, where Navy SEALs train.

After walking the site with PG&E officials and FBI agents, Mr. Wellinghoff said, the military experts told him it looked like a professional job.

In addition to fingerprint-free shell casings, they pointed out small piles of rocks, which they said could have been left by an advance scout to tell the attackers where to get the best shots.

“They said it was a targeting package just like they would put together for an attack,” Mr. Wellinghoff said.

Wellinghoff branded this as “the most significant incident of domestic terrorism involving the grid that has ever occurred.”

On the one hand this attack appears to have been meticulously planned and professionally executed, yet to what end? Its primary effect appears to have been to provoke fears of a larger attack, or even — at the hyperbolic level of interpretations — the fear of war.

One can’t discount the possibility that some as-yet unknown group has the ambition of crippling America’s energy supply. Yet if they were willing to go to these lengths to plan such an operation, why would they have exposed their hand and given the utility industry a heads-up on what to expect?

Just as plausible, if not more so, is the possibility that the goal of whoever carried this out has already been accomplished.

That is to say, its purpose may have been simply to elevate fear of domestic terrorism.


What it’s like when the FBI asks you to backdoor your software

SecurityWatch: At a recent RSA Security Conference, Nico Sell was on stage announcing that her company — Wickr — was making drastic changes to ensure its users’ security. She said that the company would switch from RSA encryption to elliptic curve encryption, and that the service wouldn’t have a backdoor for anyone.

As she left the stage, before she’d even had a chance to take her microphone off, a man approached her and introduced himself as an agent with the Federal Bureau of Investigation. He then proceeded to “casually” ask if she’d be willing to install a backdoor into Wickr that would allow the FBI to retrieve information.

This encounter, and the agent’s casual demeanor, is apparently business as usual as intelligence and law enforcement agencies seek to gain greater access into protected communication systems. Since her encounter with the agent at RSA, Sell says it’s a story she’s heard again and again. “It sounds like that’s how they do it now,” she told SecurityWatch. “Always casual, testing, because most people would say yes.” [Continue reading...]
