Arkansas cops send malware to whistleblowers' lawyers

[Permalink]

The Keystone Kops rise again!

3 Likes

To do: plug the drive into a sandbox computer, and determine where it tries to “phone home” to …

11 Likes

The people who enforce the law are the last people you should expect to actually obey the law. Is that really so suprising, when you think about it?

10 Likes

Deliberate attempt to infect with malware.
Deliberate attempt to intrude upon attorney-client privilege.

If Joe Citizen pulled this kind of crap, he could expect a 20+ year prison sentence.

The offending cops will likely never even be publicly identified, and will certainly never face prison time.

Christ, what assholes.

16 Likes

They are largely exempt from it. Almost as much as the legislature and the judiciary. Rules are for plebes. Do you even America? :wink:

7 Likes

Groups tend to stick to their group and hate rival groups. Cops becoming full blown criminals breaking the law is like a hard core Democrat secretly voting Republican, or funding a noxious Republican candidate.

So, I think it is surprising from one angle, but do agree there are some laws cops have the luxury of bypassing because they are the ones who enforce it.

It is not surprising in the sense that police corruption is routine, however. Corruption is contagious and difficult to stop partly because cops themselves are the ones expected to stop it.

Full blown corruption, they become thugs with badges enforcing nothing but their own arbitrary power.

There is another angle to why cops can resist corruption, however, which is more difficult to explain, and goes along how people are wired to try and avoid hypocrisy. This angle looks at the fulcrum of their position and the weight that puts on them for transgressions. And typically is simply expressed by making statements like “thugs with badges” designed to shame them and point out they are the ‘other team’ already.

Very bad indicator that the whole organization there (cops, prosecutors, judges) is corrupt. Though, could be an isolated incident. That is a very brazen and serious crime. The instinct for an authority to investigate cases against them is a a very dangerous one symptomatic of severe corruption. Same behavior you see in moles, as ‘only a mole can catch a mole’. That becomes their first priority, to get into investigations and sideline them.

The brazen aspect of the behavior indicates symptomatic behavior of corruption, and desperation. It is considered for them a foremost priority to control investigations headed against them. Arrogance, or brazenness, indicates willingness to take a major criminal risk based on experience of taking criminal risks and getting away with it without exposure.

They had a priority to control the investigation, which indicates instincts honed in defensively from experience of breaking the law in a serious manner.

Should be interesting to see if this case gets sidelined, and so the entire area is corrupt, or if they find a suspect and deliver them to justice. Especially will be interesting to see how their reaction is, if they ‘close ranks’, or thoroughly condemn the transgression.

2 Likes

What we know for sure: A hard drive was sent to the cops. They cops connected the hard drives to some of their computers and copied a bunch of files over. The hard drive came back with some malware.

A USB disk ending up with malware after being plugged into a bunch of computers used by bored office workers, at a workplace whose list of priorities probably has “highly reliable IT environment” somewhere around item 200, is hardly shocking.

That’s what I was thinking would be the defense. The cops will simply play stupid and act like they had no idea it was there.

Of course there is no way the penal system would let a citizen get away with this shenanigan. At the very least I would get threatened with jail time and abuse and whatever else.

3 Likes

Read the quote a little more:

“Additionally, the placement of these trojans, all in the same
sub-folder and not in the root directory, means that [t]he trojans were
not already on the external hard drive that was sent to Mr. Campbell,
and were more likely placed in that folder intentionally with the goal
of taking command of Mr. Campbell’s computer while also stealing
passwords to his accounts.”

These 3 pieces of malware were located specifically in the folder added by the officers. Not in the root where malware would normally attempt to insert itself.

5 Likes

Looks like good cost-benefit analysis by the cops.

Risk incurred by planting malware: effectively zero.
Possible benefits of planting malware: evidence that might help cops achieve their goals.

If you don’t want cops to murder/rob/lie/cheat then you need to have strong disincentives in place, since there will always be powerful incentives for them to break the law.

3 Likes

I don’t agree with that assessment.

The files’ placement in a folder that wasn’t present when the drive was sent over certainly supports that they got there under police custody. It doesn’t say much about how.

Malware sometimes attempts to insert itself at the root level. Other times it does other things. Other times it isn’t a drive infector at all, but it’s sitting around on someone’s files as a result of an existing or partially cleaned up malware infection, and they copyfiles over whole folders at a time, then the malware is going to end up copied over.

One thing I’d love to know that the article didn’t cover (potentially because that information would have revealed legal strategy, but more likely because the writer didn’t know to ask) - was there an actual launch mechanism for the malware? Was it just some DLLs or EXEs sitting “inert” in a folder, or was there also a mechanism to cause them to launch without anyone double-clicking them (autorun.inf, or a word doc with macros that calls out to the EXEs, etc.)? What were the files named?

4 Likes

Or maybe the malware was planted in police computers and had automatically propagated itself to the portable disk. It could be something as simple as police browsing porn on work systems.

Not as surprising as how far I am willing to push them into compliance. It gets scary sometimes, I have even seen cops literally cry over it.

1 Like

If this were a detective novel instead of a news story, the lawyer would have brought in the FBI and began a sting operation, where the malware was fed disinformation specifically designed to generate a chain of evidence. And when the dirty cops plea incomptence, they get put away for a long long time. But since it’s a news story, the FBI was probably the ones who taught the local cops how to do this in the first place.

9 Likes

Well, there are no fainting couches in court. Your personal indifference, aside.

I suppose if children did it, or some other non professional group, SURE. Why not. But the assumptions you have to make seem unsupportable here, and they are no more likely than the ill intent of a professional.

How did -any- files even get copied onto a drive in evidence? BUTTERFINGERS, of course. Total accident by an incompetent, yeah, yeah… okay.

You are holding cops in quite a reverence, regarding to their professionality. They can usually barely type, from what I saw.
If this was a pro-grade attack, would they use something that every virus scanner will catch with glee, or use some at least somewhat obfuscated exploit generator?

I might hold them in reverence.

Might also be that you hold them in such disdain that my treating them as human seems like a fucking halo.

But we all know you, and not I, are above bias.