e-bugs: should anti-virus products detect them?

Graham Cluley, Sophos Anti-Virus

Recently there have been media reports about the FBI's use of software to monitor the activity of suspected criminals and terrorists. These so-called 'e-bugs' (with codenames such as Magic Lantern) capture the keystrokes of remote computer users in a similar way to the Trojan horses dropped by worms like Badtrans.

There have been suggestions in the media that some anti-virus companies may work in co-operation with the FBI, and deliberately not detect such Trojan horses.

This paper examines whether non-detection of e-bugs makes sense and whether customers have a legitimate requirement to be informed if they are being 'e-bugged'.

This paper makes the case that using 'e-bugs' to spy on suspected criminals and terrorists is fraught with dangers, as there is no way of ensuring that the code will not be adapted by its recipients for illegal use.


