FBI Trojan

The FBI apparently has a trojan called CIPAV which it uses to obtain information about the computers used by suspects under investigation for computer crime.

This affidavit seeks permission to install the CIPAV through MySpace, which suggests something like a browser exploit embedded in a message sent to the suspect. It is interesting to speculate whether this exploit targets Internet Explorer or Firefox (or possibly even both).

The following quote from page 16 of the affidavit leads me to believe that the FBI has several ready-made exploits, each targeted at a different browser:

It is requested that this court issue a search warrant authorizing … the use of multiple CIPAVs until one CIPAV is activated by the activating computer.

The investigators could then simply try each one in turn, until one succeeds in activating the trojan and sending information back.

Several news outlets have contacted AV vendors to get clarification on whether they will detect government trojans such as CIPAV. Some have declined to comment. Needless to say, TrojanHunter will always be detecting trojans, no matter what their source.

2 Responses to “FBI Trojan”

  2. Lou Says:

    They’ve got something floating around out there. Have fun trying to access full content, check your email before someone else checks it first, and in general have privacy and freedom of speech online if you’re one of their targets. Redownload, play around awhile if you think you have something nasty on your computer. Then sit back and ponder when you run across programs with names like fake internet. Be afraid. No, seriously, be very afraid.
