SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
23 Nov 2016

FBI hacked into over 8,000 computers in 120 countries with just one warrant

In January, experts reported on the FBI's “unprecedented” hacking operation, in which the agency, using a single warrant, deployed malware to over one thousand alleged visitors of a dark web child pornography site.

Now, it has emerged that the campaign was actually several orders of magnitude larger. In all, the FBI obtained over 8,000 IP addresses, and hacked computers in 120 different countries, according to a transcript from a recent evidentiary hearing in a related case.

The figures illustrate the largest ever known law enforcement hacking campaign to date, and starkly demonstrate what the future of policing crime on the dark web may look like. This news comes as the US is preparing to usher in changes that would allow magistrate judges to authorize the mass hacking of computers, wherever in the world they may be located.

“We have never, in our nation's history as far as I can tell, seen a warrant so utterly sweeping,” federal public defender Colin Fieman said in a hearing at the end of October, according to the transcript. Fieman is representing several defendants in affected cases.

Those cases revolve around the FBI's investigation into dark web child pornography site Playpen. In February 2015, the FBI seized the site, but instead of shutting it down, the agency ran Playpen from a government server for 13 days. However, even though they had administrative control of the site, investigators were unable to see the real IP address of Playpen's visitors, because users typically connected to it through the Tor network.

In order to circumvent that anonymity, the FBI deployed what it calls a network investigative technique (NIT), or a piece of malware. That malware, which included a Tor Browser exploit, broke into the computer of anyone who visited certain child pornography threads on Playpen. It then sent the suspect's real IP address back to the FBI.

According to court filings, the FBI obtained over 1,000 IP addresses of alleged US-based users. Over the past year, experts have also found that the FBI hacked computers in Australia, Austria, Chile, Colombia, Denmark, Greece, and likely the UK, Turkey, and Norway too. But, those are only a tiny handful of countries in which the FBI was hacking computers. According to the newly published transcript, the FBI hacked computers in at least 120 countries.

“The fact that a single magistrate judge could authorize the FBI to hack 8000 people in 120 countries is truly terrifying,” Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU) told in a phone call. (Soghoian has testified for the defense in Playpen cases). Bizarrely, the FBI also hacked what has been described as a “satellite provider,” according to the transcript.

“So now we are into outer space as well,” Fieman said in the hearing. The Department of Justice has had an intense battle on its hands over the past few months, especially around the validity of the warrant used for this hacking operation. According to a filing from the Department of Justice, fourteen court decisions have found that the warrant was not properly issued pursuant to Rule 41 of the Federal Rules of Criminal Procedure, which governs how search warrants can be authorized.

The main issue has been that the judge who signed the warrant, Magistrate Judge Theresa C. Buchanan in the Eastern District of Virginia, did not have the authority to greenlight searches outside of her own district. In four cases, courts have then decided to throw out all evidence obtained by the malware because of the violation.

But, changes to Rule 41 will likely come into effect on December 1, meaning that magistrate judges will be allowed to authorize warrants just like the one used in the Playpen investigation. The changes “give rank and file law enforcement officers way too much discretion to conduct hacking techniques within and outside the United States,” Ahmed Ghappour, visiting assistant professor at UC Hastings College of Law, and author of the paper “Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web,” told in a phone call.

Soghoian added “With the changes to Rule 41, this is probably the new normal.” “We should expect to see future operations of this scale conducted not just by the FBI, but by other federal, state and local law enforcement agencies, and we should expect to see foreign law enforcement agencies hacking individuals in the United States, too,” he added. Indeed, in August experts reported that Australian authorities had hacked criminal suspects in the United States. It is unclear whether a warrant was obtained.

The Department of Justice said it received request for comment, but did not provide a direct response in time for publication. However, the DoJ published a blog post on Monday further justifying the Rule 41 changes. “We believe technology should not create a lawless zone merely because a procedural rule has not kept up with the times,” Assistant Attorney General Leslie R. Caldwell of the Criminal Division wrote. The FBI declined to comment.

As far as is publicly known, these mass hacking techniques have been limited to child pornography investigations. But with the changes to Rule 41, there is a chance US authorities will expand their use to other crimes too. “That's the real question: are they going to use watering-hole attacks, are they going to use network investigative techniques to pursue, for example, visitors of the Silk Road, or visitors of a drug marketplace, or other types of illicit services?” Ahmed said.

Tags:
FBI USA information leaks
Source:
Motherboard
1990
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015