
FBI admin error leads to porn, drugs, malware and more as it loses control of website

Uh oh. There must be some red faces at the FBI’s cybercrime division at the moment.

You see, when the Feds seize websites that they believe are breaking the law they like to freeze the company’s assets and suspend the sites themselves, displaying a big fat message declaring what they have done.

I suppose they think it acts as a warning to others who might be considering a career in online crime and piracy.

Here is the kind of thing you would expect to see.

[Image: seizure notice displayed on the seized MegaUpload website]

In that particular example, it’s the website of the once popular MegaUpload file-sharing site, seized in January 2012 after it and its high profile founder Kim Dotcom were accused of harbouring millions of copyright-breaching files.

When you see a message like that you’re not looking at the real MegaUpload website – instead, the FBI has used its own name servers to redirect traffic to a server under its control, which displays the message.

Until recently, a domain under the FBI’s control – cirfu.net (it stands for Cyber Initiative and Resource Fusion Unit) – was pointing visitors to MegaUpload and other sites to servers under the control of the FBI.

But this is where the red faces come in.

Because someone at the FBI forgot to renew the cirfu.net domain, and it was snapped up by a black hat SEO practitioner calling himself “Earl Grey”.

And what did “Earl Grey” do with the domain name he had snaffled from under the very noses of the FBI? Well, as TorrentFreak reports, it seems he took the opportunity to use it to help spammers, scammers and hackers peddle their wares.

[Image: malicious update advert]

Visitors to MegaUpload and other sites were greeted not with a message saying the site was shut down, but instead income-generating adverts – including links to malware downloads, bogus software updates, and even a bogus BBC News report claiming that an iPhone 6 can be yours for just £1.00.

[Image: fake BBC News article]

The shy and retiring Kim Dotcom himself commented on the incident on his Twitter account:

[Image: tweet from Kim Dotcom]

Joking aside, websites that the world believed were under the control of the FBI’s elite cybercrime-fighting team were snapped up by an opportunist and have – no doubt – resulted in innocent users’ being scammed or having their computers infected with malware.

If internet experts at the US government cannot be relied upon to properly manage and police the websites they own, what hope have businesses in keeping proper tabs on the multitude of domains that their company may have purchased over the years?

The truth is that stunts like this are being pulled all the time, all over the world. What’s different this time is that it was the FBI which was caught with its pants down, and the publicity-friendly Kim Dotcom who helped inform the world’s media about the agency’s embarrassing snafu.
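The failure described above, sites whose name servers sit under a domain that nobody renewed, is something a periodic audit can catch. The sketch below is an added example, not part of the original article: every domain name, date and the inventory are constructed, and the two-label `registrable()` shortcut is an assumption (a real audit should use the Public Suffix List).

```python
from datetime import date

# Constructed inventory: registrable domains the organisation owns -> expiry date.
OWNED = {
    "example.com": date(2026, 3, 1),
    "example-ns.net": date(2025, 1, 10),
}

# Constructed delegation data: zone -> NS hostnames, as an NS lookup would list them.
DELEGATIONS = {
    "example.com": ["ns1.example-ns.net", "ns2.example-ns.net"],
    "seized-site.example": ["ns1.lapsed-unit.example", "ns2.example-ns.net"],
}


def registrable(host):
    """Return the last two labels of a hostname (assumption: no multi-label suffixes)."""
    return ".".join(host.rstrip(".").lower().split(".")[-2:])


def audit(delegations, owned, today, warn_days=60):
    """Flag zones whose name servers depend on a domain that is unowned, lapsed or lapsing."""
    findings = []
    for zone, nameservers in sorted(delegations.items()):
        # One finding per distinct parent domain, not per name server host.
        for parent in sorted({registrable(ns) for ns in nameservers}):
            expiry = owned.get(parent)
            if expiry is None:
                # Whoever registers this domain controls resolution for the zone.
                findings.append((zone, parent, "NOT_IN_INVENTORY"))
            elif expiry < today:
                findings.append((zone, parent, "EXPIRED"))
            elif (expiry - today).days <= warn_days:
                findings.append((zone, parent, "EXPIRING_SOON"))
    return findings


if __name__ == "__main__":
    for zone, parent, status in audit(DELEGATIONS, OWNED, date(2024, 12, 1)):
        print(f"{zone}: name servers under {parent} -> {status}")
```

In practice the delegation data would come from live NS lookups and the expiry dates from the registrar's records, with auto-renew enabled on any domain that other zones depend on.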

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

4 Comments


  • I’m not surprised that the government is caught in being incompetent once again. In fact, business always does a better job, as their livelihood depends on it. I’m embarrassed for them, but it sure gives me something to talk about this Thanksgiving, as my brother-in-law works for said agency (-: oh, the fun I’m going to have!

    • “I’m not surprised that the government is caught in being incompetent once again.”

      Amuses me greatly. Once again. When were they ever competent in anything other than corruption/similar? The US government has a lot to answer to, at least to those who understand (and are well read in) history – this of course leaves them out which is why none of that will ever happen. Yes, other countries have done awful things too (and also remain ignorant of history), but if you want some really good examples you need only look up Project Paperclip and Project MKULTRA, courtesy of the US government. And I’m afraid there’s more than that. But never mind those things (I only bring them up because it just adds to my points in subtle ways), let’s get back to computer incompetency because that’s another thing they’re excellent in (I’m not sure this is an issue of competency, though, but only forgetfulness):

      The fact the US government is the creator of the ARPANET (the predecessor to the Internet) is impressive, very impressive indeed (it was a project during the Cold War and the goal was to make a network of networks, see below, that could withstand a nuclear attack). But it would be impressive for all governments too, admittedly, in some ways (I think better stated is it is ironic that they did accomplish this given what I’m about to get to). But make no mistake: computer security (and I mean that in actual attacks – I remember these issues, repeatedly and then you have the issue in this article, even) is decades old and yet they’ve time and again said they would be changing their practises, improving things, that they would do better and other gobbledegook. The only thing that changed was the number of times they made these claims. NASA is a good example of this but they’re hardly the only one. Of course none of that will change the fact they have no problem participating in said things while whining about – and punishing – others doing it. Again this doesn’t apply to just the US. But this makes it harder to sympathise with even though an attack is an attack. But if there’s one thing governments are incompetent with, it is technology – they are behind by decades and I think they actually know it instinctively.

      Yet despite this, I call this incident a mistake that could happen to anyone. Indeed it has happened to far more than the US government and more than just governments. The fact is humans can’t remember everything and are bound to make mistakes. But that goes for all humans. Bad circumstances here? Absolutely. But whether this specifically is incompetency or not is another matter – I don’t think it really is that.

      As for network of networks. An internet is just that: a network of networks. The Internet (capital) is what we’re all familiar with and is ultimately what came from the arpa days (some references to arpa still exist, actually). Similar to ‘an internet’ is ‘an intranet’.

  • LOL at the people talking about corruption and “governments”. You are nothing more than a bacterial infection on a lump of rock. You are arguing about what other bacterial infectious parts of your infection are doing together, forgetting the fact that you are just a mere blimp on the map. People who read and study “conspiracy theories” are absolute idiots. How can a bacterial infection on a rock be a “conspiracy theory”? Our species is a disease and your theories about one small insignificant thing that the disease did, like 9/11, are irrelevant. Now little diseased idiots, go play!