Does the fbi want the data stolen by the badtrans worm?
At the end of november this year, the nasty badtrans worm was running rampant, logging keystrokes if the title of the current window contained certain letter combinations (z. B. Pas) began. The heise-newsticker reported in detail about the little beast.
The data was stored on the local hard disk as c:\windows\system\cp_25389.Nls stored, but at the same time also sent by e-mail to several different addresses. One of them was [email protected], a free e-mail forwarder. There, after the successful start-up of badtrans, more than 100 e-mails per minute with logged keyboard data arrived at. The data of more than 100.000 spied computers ended up with the operator of ijustgotfired.Com, the provider monkeybrains.
Now comes the exciting part: according to a report on daily rotten, the fbi contacted monkeybrains last week and demanded full access to all the stolen data. If this is true, it would be an absurdity: the collected data was stolen by a randomly assembled mass of victims (whose members had at most their operating system and their naive handling of the same redmond operating system in common). Finding relevant information in this mass is about as useful as randomly selecting addresses, searching houses and hoping to make an arrest.
Monkeybrains did not hand over the data to the fbi, which did not have any judicial authorization, but set up a page where you can search for spied email addresses, passwords and logged texts. Don’t panic – passwords and texts are included in the mask, but can’t really be scanned.
Lest there be any misunderstanding: searching the badtrans database would be a completely different dimension than the magic lantern software currently in the crossfire of criticism (cf.Fbi confirms development of magic lantern sniffing program). Magic latern is, roughly speaking, a trojan programmed by the fbi to spy on suspects’ data by means of key-logging. In the fight against crime, measures such as surveillance, bugging or telephone tapping are legitimate, as long as they are approved by a judge. Magic latern is only the digital continuation of these things. Those who reject magic lanterns had to consistently reject all forms of investigation, which would render the rule of law defenseless and absurd.
The main point is that magic lantern can only be used in accordance with the law, that is, after judicial approval. On the other hand, they wanted to tap into data that had been stolen indiscriminately from innocent people all over the world without judicial authorization. If the story is really so true, someone should answer for it.