The FBI uses special spyware to trace the source of cyber crimes. That's according to the Electronic Frontier Foundation (EFF), which recently received documents revealing this data through the Freedom of Information Act.
According to Wired.com:
[t]he software, called a "computer and internet protocol address verifier," or CIPAV, is designed to infiltrate a target's computer and gather a wide range of information, which it secretly sends to an FBI server in eastern Virginia. The FBI's use of the spyware surfaced in 2007 when the bureau used it to track e-mailed bomb threats against a Washington state high school to a 15-year-old student.
But the documents released Thursday under the Freedom of Information Act show the FBI has quietly obtained court authorization to deploy the CIPAV in a wide variety of cases, ranging from major hacker investigations, to someone posing as an FBI agent online.
This Web bug is similar to spyware and remains permanent on the user's machine. An article at NextGov explained:
The worm can collect the user's Internet protocol address, or network location; media access control address, a unique code for each piece of computer hardware that connects to a network such as a Wi-Fi card; and certain data, the name of which is redacted, that "can assist with identifying computer users, computer software installed, computer hardware installed, [redacted]," an Oct. 2005 message stated. A separate 2005 email regarding an installation in Honolulu indicates the spyware also can record open communication ports, a list of programs running, the operating system's serial number, type of browser, current login name, and the website the target last visited.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
The documents received by the EFF have been heavily redacted and don't provide all of the details of CIPAV.
Not sure what to think of this news. Is it a good thing that the FBI has this capability? Or is it too much of an invasion of privacy?