FBI uses spear phishing technique to plant malware in suspect's system


It's not surprising that the FBI uses malware to track the activities and location of suspects. A new article published by the Washington Post covers the story of the FBI using malware for surveillance to track suspects' movements.

The FBI team works much like other hackers: it targets suspects with the spear phishing technique, which attempts to exploit a vulnerability in the target's machine and install malware. The malware then collects information from the infected machine and sends it back to the FBI's server. The malware is also capable of covertly activating webcams.

In a bank fraud case, Judge Stephen Smith rejected an FBI request in April to install spyware on the suspect's system.

Smith pointed out that using such technologies ran the risk of accidentally capturing information about others who are not involved in any kind of illegal activity.

In another case, a different judge approved the FBI's request in December 2012. The malware successfully gathered enough information from the suspect's system and helped in arresting him.

In another case, in July 2012, an unknown person calling himself "Mo" made a series of threats from an unknown location to detonate bombs at various locations. He wanted the release of a man who had been arrested for killing 12 people in a movie theater in the Denver suburb of Aurora, Colo.

After investigation, investigators found that Mo was using Google Voice to make calls to the sheriff; he also used a proxy to hide his real IP address.

After further investigation, the FBI found that Mo had used an IP address located in Tehran when he signed up for the email account in 2009.

In December 2012, a judge approved the FBI's request to send an email containing surveillance software to the suspect's email address. However, the malware failed to perform as intended. Even so, Mo's computer sent a request for information to the FBI's server from two different IP addresses. Both suggested that he was still in Tehran.

Hackers stole ₹2.4 crore from Mumbai Bank in 3 hours

 
Cybercriminals hacked into the Mumbai-based current account of the RPG Group of companies and stole Rs 2.4 crore within 3 hours on May 11, Times of India reported.

The TOI report says the money was transferred to 13 different bank accounts in Chennai, Coimbatore, Tirunelveli, Bangalore, Hyderabad and other places.

The bank blocked those accounts, but the gang had already managed to withdraw some funds.

The police have arrested three members of the crew who came to withdraw the money in Coimbatore and Hyderabad.

It appears the company fell victim when its officials opened an email with a malware attachment sent by the gang. The gang then probably harvested the bank login credentials using the malware.

Earlier this year, cyber criminals stole Rs 1 crore in Mulund from the current account of a cosmetics company.