The FBI is willing to pay top dollar to download some malware

FBI

The Federal Bureau of Investigation is willing to pay top dollar for the malicious, infectious software the rest of us pay to keep out of our computers, according to the Federal Business Opportunities website.

A Monday price quote request by the Investigative Analysis Unit of the agency’s Operational Technology Division is asking computer security developers and retailers to help the agency build a library of malware for an undisclosed reason, letting the companies name their price.

“The IAU has a team of highly trained technical analysts, specialists and engineers providing on-scene technical support, employing innovative, custom developed analytical methods and tools to analyze collected data,” the request reads. “Critical to the success of the IAU is the collection of malware from multiple industry, law enforcement and research sources.”

The agency’s minimum specifications for malware to purchase include 35 gigabytes of shareable malware per day, updated every 24 hours, across a wide range of file types.

“The collection of this malware allows the IAU to provide actionable intelligence to the investigator in both criminal and intelligence matters,” the request states, describing the acquisition of malware as ”critical to the success of the IAU’s mission to obtain global awareness of malware threat.”

The request also indicates the FBI will test any such malware before purchase, and that it will notify vendors when and where to send the software, after which the test products will be deleted due to “the nature of the solicitation.”

Initial descriptions and quotes for malware packages are due on Feb. 14.

Important: Today is your last chance to keep your internet connection

March8Internet_main_0227

Tomorrow, July 9th, the FBI will shutdown the DNS servers which allow the computers infected with this malware to use the Internet.

If you want to make sure you will keep your internet working, act today and check your computer to see if it’s infected by DNS Changer or not, here is a very easy to use tool: Tool available for those affected by the DNS-Changer

Webcam cyber-sextortionist preyed on over 200 women

A perverted hacker who spied upon more than 200 women via their webcams and microphones, after infecting their computers with malware, was arrested earlier this year by the FBI after a two year investigation.

The 31-year-old man broke into victims’ personal computers, and stole personal information. Threatening to share the private information with their parents and email contacts, the man pressured the young women (some of them still young teenagers) into providing him with risqué pictures and videos.

The FBI’s Los Angeles cyber division, who investigated the case, described the case as a chilling example of “sextortion”.

According to a report on the FBI’s website, the attacks were spread by the hacker who posed as a young woman on a social networking website:

In several instances, the hacker posed online as a young woman’s friend or sister and sent messages with attachments asking if the victim wanted to see a scary video. Because the messages appeared to be from a trusted source, the victims usually didn’t think twice about opening the attachment. When they did, the virus secretly installed itself, and the hacker had total control over their computers - including all files and folders, webcams, and microphones.

We’ve seen many other cases in the past where innocent users’ webcams have been remotely controlled by hackers for sexual kicks.

In early 2005, for instance, Spanish authorities fined a student who took surreptitious movies of unsuspecting users, and arrested a 37-year-old man who spied on victims via a webcam while stealing banking information.

The following year, Adrian Ringland, from the British town of Ilkeston, Derbyshire, was sentenced to jail for ten years after admitting posing as a minor on internet chatrooms and using spyware to take explicit photographs via children’s webcams. And in 2008, a 27-year-old Canadian man was charged with using spyware to take over the webcams of women as young as 14 and coercing them into posing naked for him.

Pretty disgusting stuff I’m sure you’ll agree, and you can imagine how all the victims in these case must feel utterly violated by what happened to them.

But, in this latest investigation, there is a way for you to help. The FBI are asking for assistance in finding other victims of the sextortionist.

How can you help?

The hacker in the latest webcam-spying case used a variety of screen names and email addresses, which are listed below. The FBI asks that if you have information regarding the case (there may be other victims) to contact your nearest FBI office orsubmit a tip to them online.

Screen names:

  • gui_blt
  • Woods05
  • CoFfEkId014
  • ELEvatrHZrD03
  • Pimpcess03666
  • Your3name3here03
  • Bri23nice
  • Dmagecntr137
  • H2IOW14
  • ELEvATrhRZd03
  • Playgrl37
  • Your3name3here3
  • goldlion14
  • Hotchit13w

Email address:

There are some more details of this case on Gary Warner’s Cybercrime & Doing Time blog.

Young people’s PCs must be properly protected with the latest anti-virus software, security patches and firewalls. It is also essential that young people are taught how to behave safely online, to avoid being exploited by sick-minded hackers.

Thanks for helping, and stay safe online.

What have you taught your children about staying safe online? How easy has it been to take the issues of cyber-security seriously? Leave a comment below and let us know your thoughts.

Taken from Sophos Labs