-Caveat Lector- WJPBR Email News List [EMAIL PROTECTED] Peace at any cost is a Prelude to War!
http://www.theregister.co.uk/content/55/23438.html FBI surveillance bonanza in BadTrans.B worm By Thomas C Greene in Washington Posted: 18/12/2001 at 05:51 GMT Millions of Outlook and Outlook Express users have been infected by the BadTrans.B worm, which logs keystrokes in every open window and periodically sends the log files to one of several e-mail dumps, presumably for later retrieval by nosey hackers. Or Feds. According to a story from Rotten.com, an ISP which hosts one of the e-mail dumps, MonkeyBrains, has received a request from the FBI to turn over all the relevant log files. MonkeyBrains has instead turned the tables on the FBI by making part of the database available to everyone on their Web site here. https://badtrans.monkeybrains.net/ If the story is true, then the FBI's intention is clear. They plan to assemble the data and grep for various key words and names in hopes of stumbling upon the passphrases of known and suspected evildoers. It's Magic Lantern on steroids, and yet it's just a dumb accident -- but one which could dump an absolute mother lode of otherwise forbidden data in the Feds' laps. While it's inconceivable that the FBI could get a search warrant for such a giant bonanza, there's nothing in the law which prevents the ISPs concerned from turning over the spoils voluntarily. At press time, MonkeyBrains claimed to have logged 5,857,277 BadTrans messages; and they host only one of a score of dumps. We've been unable to confirm the story due to temporal difficulties; but we will be checking with DoJ flacks, MonkeyBrains and several other ISPs believed to be hosting BadTrans mail dumps. We'll post a follow-up to this intriguing story as soon as we get the straight dope. ® Related Story BadTrans virus bites Windows users hard ~~~~~~~~~~~ http://www.dailyrotten.com/articles/archive/189387.html December 17, 2001 FBI wants access to worm's pilfered data A ROTTEN.COM EXCLUSIVE The FBI is asking for access to a massive database that contains the private communications and passwords of the victims of the Badtrans Internet worm. Badtrans spreads through security flaws in Microsoft mail software and transmits everything the victim types. Since November 24, Badtrans has violated the privacy of millions of Internet users, and now the FBI wants to take part in the spying. Victims of Badtrans are infected when they receive an email containing the worm in an attachment and either run the program by clicking on it, or use an email reader like Microsoft Outlook which may automatically run it without user intervention. Once executed, the worm replicates by sending copies of itself to all other email addresses found on the host's machine, and installs a keystroke-logger capable of stealing passwords including those used for telnet, email, ftp, and the web. Also captured is anything else the user may be typing, including personal documents or private emails. Coincidentally, just four days before the breakout of Badtrans it was revealed that the FBI was developing their own keystroke-logging virus, called Magic Lantern. Made to complement the Carnivore spy system, Magic Lantern would allow them to obtain target's passwords as they type them. This is a significant improvement over Carnivore, which can only see data after it has been transmitted over the Internet, at which point the passwords may have been encrypted. After Badtrans pilfers keystrokes the data is sent back to one of twenty-two email addresses (this is according to the FBI-- leading anti-virus vendors have only reported seventeen email addresses). Among these are free email addresses at Excite, Yahoo, and IJustGotFired.com. IJustGotFired is a free service of MonkeyBrains, a San Francisco based independent Internet Service Provider. In particular, [EMAIL PROTECTED] began receiving emails at 3:23 PM on November 24. Triggering software automatically disabled the account after it exceeded quotas, and began saving messages as they arrived. The following day, MonkeyBrains' mail server was sluggish. Upon examination of the mail server's logs, it quickly became apparent that 100 emails per minute to the "suck_my_prick" alias were the source of the problem. The mails delivered the logged keystrokes from over 100,000 compromised computers in the first day alone. Last week the FBI contacted the owner of MonkeyBrains, Rudy Rucker, Jr., and requested a cloned copy of the password database and keylogged data. The database includes only information stolen from the victims of the virus, not information about the perpetrator. The FBI wants indiscriminant access to the illegally extracted passwords and keystrokes of over two million people without so much as a warrant. Even with a warrant they would have to specify exactly what information they are after, on whom, and what they expect to find. Instead, they want it all and for no justifiable reason. One of the most basic tenets of an authoritarian state is one that claims rights for itself that it denies its citizens. Surveillance is perhaps one of the most glaring examples of this in our society. Accordingly, rather than hand over the entire database to the FBI, MonkeyBrains has decided to open the database to the public. Now everyone (including the FBI) will be able query which accounts have been compromised and search for their hostnames. Password and keylogged data will not be made available, for obvious legal reasons. The implications of complying with the FBI's request, absent any legal authority, are staggering. This is information that no one, not even the FBI, could legally gather themselves. The fact that they seek to take advantage of this worm and benefit from its illicit spoils, demonstrates the FBI's complete and utter contempt for constitutionally mandated due process and protection from unreasonable search and seizure. It defies reason that the FBI expects the American people to trust them to only look at certain permissible nuggets of data and ignore the rest of what they collect. One need only imagine what J. Edgar Hoover would do with today's expansive surveillance system, coupled with the new powers granted by the Patriot Act, to appreciate the Orwellian nightmare that the United States is becoming. The last thing the FBI should have is a spying Internet worm, and it looks like they've found one. Welcome to the Magic Lantern. ------------------------------------------------------------------------------ -- The database is available at http://badtrans.monkeybrains.net *COPYRIGHT NOTICE** In accordance with Title 17 U. S. C. Section 107, any copyrighted work in this message is distributed under fair use without profit or payment to those who have expressed a prior interest in receiving the included information for nonprofit research and educational purposes only.[Ref. http://www.law.cornell.edu/uscode/17/107.shtml ] Want to be on our lists? Write at [EMAIL PROTECTED] for a menu of our lists! Write to same address to be off lists! <A HREF="http://www.ctrl.org/";>www.ctrl.org</A> DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance—not soap-boxing—please! These are sordid matters and 'conspiracy theory'—with its many half-truths, mis- directions and outright frauds—is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRLgives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://peach.ease.lsoft.com/archives/ctrl.html <A HREF="http://peach.ease.lsoft.com/archives/ctrl.html";>Archives of [EMAIL PROTECTED]</A> http:[EMAIL PROTECTED]/ <A HREF="http:[EMAIL PROTECTED]/";>ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
