Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

FBI may have used spyware in making case against MegaUpload

CNET's sources say the FBI likely employed its CIPAV spyware to eavesdrop on Kim Dotcom and other managers of MegaUpload
CNET's sources say the FBI likely employed its CIPAV spyware to eavesdrop on Kim Dotcom and other managers of MegaUpload

In its indictment, the FBI cites conversations between Dotcom and his top managers, including email and Skype instant-messaging (IM) logs going back five years. Yet Skype was not asked by the FBI to turn over any information nor was it served a search warrant to examine MegaUpload’s IM logs, according to CNET sources.

Skype saves chat records with contacts in a directory on the local hard drive, which could be accessed by FBI-planted spyware, such as its computer and IP address verifier (CIPAV), the CNET report noted.

According to documents obtained by the Electronic Frontier Foundation (EFF), the FBI’s CIPAV spyware, when installed on a target's computer, allows the feds to collect the following information: IP address; media access control (MAC) address; browser environment variables; open communication ports; list of the programs running; operating system type, version, and serial number; browser type and version; language encoding; the URL that the target computer was previously connected to; registered computer and company name; currently logged-in user name; and other information that would assist with "identifying computer users, computer software installed, [and] computer hardware installed", EFF said in a news release.

Although the documents discuss problems with installing the tool in some cases, other documents note that the agency's crypto unit only needs 24 to 48 hours to prepare deployment. And once the tool is deployed, “it stay[s] persistent on the compromised computer”, EFF noted.

Dotcom and three other individuals associated with the MegaUpload file sharing site were arrested in New Zealand earlier this month on racketeering and copyright infringement charges. They are awaiting extradition to the US. Three other individuals included in the indictment remain at large.

What’s Hot on Infosecurity Magazine?