criminal

now browsing by tag

 
 

The #FBI Used #Classified #Hacking #Tools in Ordinary #Criminal #Investigations

The FBI’s Remote Operations Unit (ROU), tasked with hacking into computers and phones, is one of the Bureau’s most elusive departments. But a recent report from the Office of the Inspector General (OIG) for the Department of Justice has now publicly acknowledged the unit’s existence seemingly for the first time. The report also revealed that the ROU has used classified hacking tools—techniques typically reserved for intelligence purposes—in ordinary criminal investigations, possibly denying defendants the chance to scrutinize evidence, as well as destabilizing prosecutors’ cases against suspects.

“Using classified tools in criminal cases is risky for all sides,” Ahmed Ghappour, associate professor of law at Boston University School of Law, and who has researched law enforcement hacking extensively, told Motherboard in a Twitter message.

The ROU is part of the FBI’s Operational Technology Division (OTD), which handles the Bureau’s more technical surveillance methods. The OIG’s report says ROU “provides computer network exploitation capabilities” and has “engineers and vendors who attempt to develop techniques that can exploit mobile devices.” A previous Wall Street Journal report said the FBI can use malware to remotely activate microphones on Android devices.

In 2013, then American Civil Liberties Union (ACLU) principal technologist Chris Soghoian uncovered ROU’s existence by piecing together LinkedIn profiles and sections of documents released through the Freedom of Information Act. Soghoian found that an Eric Chuang heads the ROU, and it appears Chuang is still leading the unit now—the OIG report mentions the current head became chief in 2010.

While most of the OIG’s new report focuses on how the FBI did not fully explore its technical options for accessing the iPhone of one of the San Bernardino terrorists in 2016, several sections shine more light on the ROU, and how they are using their hacking tools. One mentions the ROU chief, based on long standing policy, sees a “line in the sand” against using national security tools in criminal cases—this was why the ROU initially did not get involved at all with finding a solution to unlocking the San Bernardino iPhone. Indeed, it’s important to remember that as well as a law enforcement agency, the FBI also acts as an intelligence body, gathering information that may be used to protect the country, rather than bring formal charges against suspects.

But that line can be crossed with approval of the Deputy Attorney General to use the more sensitive techniques in ordinary investigations, the report adds.

“The ROU Chief was aware of two instances in which the FBI invoked these procedures,” a footnote in the report reads. In other words, although it seemingly only happened twice, the FBI has asked for permission to use classified hacking techniques in a criminal case.

It’s not clear which two cases the ROU Chief is referring to. However, the FBI previously deployed a Tor Browser exploit to over 8,000 computers around the world, including some in China, Russia, and Iran, based on one, legally contentious warrant. At the time of the operation in February 2015, the tool was unclassified. But as Motherboard found using court records, the following year the FBI moved to classify the exploit itself for reasons of national security, despite the case being a criminal child pornography investigation.

Motherboard’s recent investigation into the exploit industry found that an Australia-based company called Azimuth Security, along with its partner Linchpin Labs, has provided exploits to the FBI, including one for breaking through the Tor Browser.

Using classified tools in a criminal investigation may pose issues for both prosecutors and defendants. If the FBI used a classified technique to identify a suspect, does the suspect find out, and have a chance to question the legality of the search used against them?

“When hacking tools are classified, reliance on them in regular criminal investigations is likely to severely undermine a defendant’s constitutional rights by complicating discovery into and confrontation of their details,” Brett Kaufman, a staff attorney at the ACLU, told Motherboard in an email. “If hacking tools are used at all, the government should seek a warrant to employ them, and it must fully disclose to a judge sufficient information, in clear language, about how the tools work and what they will do,” he added.

And on the flip side, if the FBI uses a classified and sensitive tool in an ordinary case, and has to reveal information about it in court, the exploit may then be fixed by the affected vendor, such as, say, Apple. Some may seen that as a positive, but the FBI might have to drop their charges against a criminal as well.

“It’s also a risk for the government, who may be ordered to disclose classified information to the defense to satisfy due process, or face dismissal of the case,” Ghappour said.

With the mentioned Tor Browser attack, a judge ordered the FBI to give defense counsel the code of the exploit; the FBI refused, meaning the evidence the related malware obtained was thrown out altogether.

A spokesperson for the FBI declined to comment on the ROU’s cross-over into criminal cases, and instead pointed to page 16 of the report, which reads, in part, that “FBI/OTD has realigned mission areas for several Units in preparation for a larger re-organization.”

advertisement:

The post The #FBI Used #Classified #Hacking #Tools in Ordinary #Criminal #Investigations appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

“Victory for the #good guys” – #criminal behind #Mandiant #hack arrested

Source: National Cyber Security – Produced By Gregory Evans

“Victory for the #good guys” – #criminal behind #Mandiant #hack arrested

FireEye has caught the hacker behind a well-publicised attack that leaked a security researcher’s details and claimed to infiltrate the company’s networks earlier this year.

Mandiant employee Adi Peretz was the attack’s main victim as a number of his online accounts were exposed. Mandiant is a division of FireEye.

The alleged hacker, who went by the username of LeakTheAnalyst, has now been arrested according to reports, although their name and location have not been made public.

“These attackers rarely, if ever get caught…Over my career, I have found it frustrating how little risk or repercussions exist for the attackers, who hide behind the anonymity of the internet to cause harm to good, well-intentioned people,” Mandia says in a statement.

In addition to OneDrive accounts and PayPal invoices, Peretz’s LinkedIn login was compromised and his page was allegedly defaced by the hacker. The hacker also claimed to have gained access to Mandiant’s systems and customer data.

It was fun to be inside a giant company named ‘Mandiant’ we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse engineer malwares and stuffs. Now that ‘Mandiant’ knows how deep we breached into its infrastructure its so-called threat analysts are trying to block us. Let’s see how successful they are going to be :D,” the hackers’ say as part of their data dump,” a post on PasteBin said.

Two weeks later, the hacker posted another batch of information apparently from the data dump. They also claimed that FireEye was conducting a coverup.

“Well we were waiting FireEye for a public comment and FireEye lied again, and they lied in cost of their customers. They did a mistake. They knew we had access to JIRA, Their IDF workshop wasn’t a part of Adi Peretz’s job. They knew Adi Peretz wasn’t working on Bank Hapoalim,” The PasteBin dump says.

“They said our documents was “public”, are license files, private contract documents, private IDF workshops and internal network topologies public? If they weren’t public why did you removed our files and from public file hosting? Why did you removed our first Pastebin message? They knew the truth and they’re hiding it from their customers and the public,” it continues.

“Therefore, I am pleased that, in this case, we were able to impose repercussions for the attacker and achieve a small victory for the good guys,” Mandia concludes.

The post “Victory for the #good guys” – #criminal behind #Mandiant #hack arrested appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Is the state the biggest cyber criminal of all?

Source: National Cyber Security – Produced By Gregory Evans

The internet is the first thing humanity has built that humanity doesn’t understand Cyber crime is one of the fastest growing areas of criminal activity in the world and policing it is no longer considered exclusive to law enforcement. INTERPOL Secretary General Jürgen Stock in January 2016 stated “[…] cyber…

The post Is the state the biggest cyber criminal of all? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Feds seize largest criminal ‘dark web’ site AlphaBay after Atlanta investigations

Source: National Cyber Security – Produced By Gregory Evans

The largest criminal marketplace on the internet, AlphaBay, has been seized by the U.S. Department of Justice with the help of Atlanta-based investigations, officials said Thursday. An AlphaBay staffer was identified through an ongoing investigation conducted in Atlanta, DOJ spokesman Bob Page said. Officials said the “dark web” operation started…

The post Feds seize largest criminal ‘dark web’ site AlphaBay after Atlanta investigations appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Horrific Human Trafficking Criminal Exposed in Birmingham, UK

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Horrific Human Trafficking Criminal Exposed in Birmingham, UK He was name as Zakaria Saqib Mahmood by the Police Zakaria Saqib Mahmood, Pakistani origin 40 years old living in 70 Eversleigh Road, …

The post Horrific Human Trafficking Criminal Exposed in Birmingham, UK appeared first on Become007.com.

View full post on Become007.com

SINGAPORE: amended cybersecurity law introduces new criminal offences

Source: National Cyber Security – Produced By Gregory Evans

SINGAPORE: amended cybersecurity law introduces new criminal offences

Singapore has recently passed amendments to the Computer Misuse and Cybersecurity Act introducing new criminal sanctions for serious data protection and cybersecurity breaches. This development reflects similar moves by data …

The post SINGAPORE: amended cybersecurity law introduces new criminal offences appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

‘Treated like a criminal’: Florida mother of arrested 10yo with autism demands answers

A Florida mother wants to know why her 10-year-old son with autism was dragged away from his elementary school in handcuffs and forced to spend a night behind bars. Luanne Haygood told RT America’s Marina Portnaya the police were “certainly not trained.”

A mother in Florida watched as her 10-year-old son was dragged away from his elementary school in handcuffs and forced to spend the night in jail for an incident that took place last year.

Luanne Haygood captured footage of two school resource officers at Okeechobee Achievement Academy who grabbed her son by the wrists.

“I don’t want to be touched,” John Benjamin Haygood, who was slumped over in his chair, pleaded with the officers.

Read More

The post ‘Treated like a criminal’: Florida mother of arrested 10yo with autism demands answers appeared first on Parent Security Online.

View full post on Parent Security Online

‘He’s not a criminal’: Parents of Canadian charged in massive Yahoo hack speak out

‘He’s not a criminal’: Parents of Canadian charged in massive Yahoo hack speak outSource: National Cyber Security – Produced By Gregory Evans The parents of Karim Baratov, the Canadian accused in a massive cyberattack of half a billion Yahoo accounts, say the charges against their son are unfounded and it will be proven in court that he is being used as a … The post ‘He’s not a […]

The post ‘He’s not a criminal’: Parents of Canadian charged in massive Yahoo hack speak out appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

Victim of identity theft racks up five criminal convictions

identitytheft1

Source: National Cyber Security – Produced By Gregory Evans

Victim of identity theft racks up five criminal convictions

A McAllen man will have his criminal record cleaned up after authorities discovered he didn’t actually commit the crimes.
Hidalgo County District Attorney Ricardo Rodriguez filed the motion for expungement last week. It states that from 1997-1999, a man falsely

The post Victim of identity theft racks up five criminal convictions appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

The naked truth – teen sexting is stupid but not criminal

download

At the top of the list of the myriad things I’m thankful for is that the digital age wasn’t not around in the 1970s to document my extreme adolescent folly.

Being a parent of a college kid now, I cringe in parental sympathy when I hear the tales of teenagers busted for taking naked or lurid selfies and sending them out as some kind of oh-my-god-what-in-the-sam-hell-were-you-thinking flirtation.

I’m one of those parents who agonized over having the “stranger danger” talk with my daughter. Should we protect kids from what plenty of us are sure is a planet-full of perverts, all hoping to accost them?

Read More

The post The naked truth – teen sexting is stupid but not criminal appeared first on Parent Security Online.

View full post on Parent Security Online