FBI's virus blunder

Posted by   Virus Bulletin on   Dec 2, 2004

Virus infection nearly blew the cover on a secret FBI fraud investigation two years ago.

It has come to light that a virus infection nearly blew the cover on a secret FBI fraud investigation two years ago.

The FBI had been investigating Dr Rafil Dhafir, who was suspected of breaking US sanctions against Iraq. Shortly after the FBI began monitoring Dr Dhafir's email, however, the Bureau's computer system became infected with Klez.h, causing an email to be sent from the FBI to their suspect. Understandably concerned that Dhafir might become suspicious, the FBI investigators sent him a second email, creating an elaborate ruse to try to convince him that they were investigating the virus - even encouraging him to call the Bureau if he had any problems. Luckily for the investigators Dhafir seemed to fall for the trick and he was arrested ten months later. One hopes that rather more robust IT security mechanisms are now in place at the Bureau.

Posted on 02 December 2004 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.