Black Hat Briefings

FBI’s Hacking Tool “NIT” Is Not A Malware


1871
FBIFrom as early as the 1990s, FBI has been known to use hacking as a method and deploying malware programs to identify suspects and their online activities.
However, in the recent Playpen case which involved the identification of a few suspe.cts in a child porn ring site, Daniel Alfin, an FBI agent has argued that the hacking tool called Network Investigative Technique (NIT) used to identify the Playpen userscannot be considered as “malware.”
Your TOR usage is being watched
In many of the related cases, the warrant that was employed by the FBI to deploy the NIT has been considered invalid as per the jurisdictional limits imposed by Rule 41.
NIT Malware?
It was last year that FBI hacked a dark web child-porn site called Playpen and identified thousands of users. The FBI employed a hacking tool, NIT, which used one single warrant to uncover close to 1,300 hidden IP addresses of the users. These addresses were then traced back to the individuals.
In this context, during testimony earlierlast month by FBI agent Daniel Alfin, he argued that the hacking tool used to identify many suspects of the child-porn ring Playpen, including Jay Michaud, cannot be considered as malware because it had the authorization of the court and did not damage the computer’s security.
FBI’s NIT worked as follows: The NIT software was installed in the machines in such a way that when anyone accessed the Playpen website using the Tor browser, their IP addresses were returned.
The FBI took full control of the Playpen site to install the NIT, distribute child abuse images for two weeks and later identify the computers from which the site was accessed. Though Alfin’s argument can be thought of as correct in a limited sense, the allegation was that NIT stripped the users’ protection of maintaining anonymity without their knowledge.
Some users used Tor to mask their identities most likely when seeking illegalcontents. The NIT can be considered as “malware” by definition because it was installed to remove the protection that was consciously deployed by the users.
Senator Ron Wyden of Oregon announced the bill “Stop Mass Hacking Act,” which would curtail the FBI from using one single warrant to install and run “malware” on thousands of computers that are at unknown locations.
Recently, Judge Robert Bryan reversed his previous position, ruling that the FBI doesn’t have to disclose the Tor exploit code while simultaneously stating that theFBI should face sanctions for its stand in refusing to provide evidence.
However, the government argued back saying that as the defendant was already in possession of enough amount of evidence, there was no need for the FBI to disclose details of the so-called “malware” exploit and that no sanctions should be imposed on this account.
Malware
MalwareThough the definition of malware has always been ambiguous, the interpretation of malicious software by the government goes against the commonly understood meaning of the word.
Malware refers to any software program that installs itself and runs on a computer without the consent of the machine’s owner.
However, Alfin’s argument was that the NIT software did not make any changes to the security settings when he loaded the NIT on one of his machines.
When loaded, the NIT did not render his computer more vulnerable than it was before the installation nor did it leave behind any other residual malware, Alfin added.

Comments

Post a Comment

Popular posts from this blog

Dark Web Enables Easier Access to WMDs

Image
Dark Web Enables Easier Access to WMDs The UN’s Head of Disarmament Affairs raises concerns over the dark web, specifically how it has made it easy for terrorists to access WMDs. The head of the UN’s Disarmament Affairs, Izumi Nakamitsu, has expressed concerns over the potential availability of weapons of mass destruction (WMDs) on the dark web. According to Nakamitsu, the deluge of weapons and technology that is available for purchase or hire on various dark web markets makes it a lot easier for terrorists and other non-state actors to get their hands on dangerous WMDs. A well-visited criminal hotspot, the dark web is known for its underground marketplaces where illegal goods—both digital and physical—are bought and sold using cryptocurrency. While the majority of dark web markets, sites and forums generally have low entry barriers, a few require a more exclusive, invite-only membership to gain access to. Nakamitsu’s chief concern is the threat terrorists c...
Keep reading

Some of the Biggest Hacks Ever

Image
Some of the Biggest Hacks Ever Biggest hacks ever occurred in our modern day history A lot has happened in the cyber world over the past decade, and a lot more is still going on. Below is a list of some of the biggest hacks that have occurred in modern day history, and their corresponding impact on both parties of the attack. 1. WannaCry Just recently, the world witnessed a widespread ransomware attack that hijacked some high-stakes entities, which involved government institutions, multinationals, private companies and many more. When the virus took control of these systems, it would demand payment of $300 USDin the form of Bitcoins, to be delivered over a span three days. Failure to pay the ransom within the said number of days would make the required payment double to a sum of $600USD. And after a duration of six days, and no payments were made, then the files would be automatically deleted from the system. The virus caused a major shakeup for the affected enti...
Keep reading

Black Hat Briefings

Image
Messaging App Kik Launches Its Own Cryptocurrency Messaging app Kik just announced that it would be launching a new cryptocurrency called Kin, to be used to buy digital services within the app. On May 25, Kik Interactive announced that the firm would be introducing its own cryptocurrency, which will enable users to purchase digital services on its platform. Messaging app Kik just announced that it would be launching a new cryptocurrency called Kin, to be used to buy digital services within the app.Kik Interactive is behind the “Kik” messaging service based in Canada. The free messaging and chat app, founded in 2009, is geared towards a teen demographic......... It boasts of around 300 million registered users. The proposed cryptocurrency is called “Kin,” a short form of Kinship or community. The plans to launch the cryptocurrency are currently underway and the company’s officials expect the system to debut sometime this year. The firm did not reveal how ...
Keep reading