Lawyer Finds Hard Drive Sent Over by Police to Be Infected with Trojan for Spying

A lawyer handling a whistleblower case has claimed that a hard drive used as evidence and sent to him by the police was infected with spying Trojans.

A lawyer from Arkansas who represents three police officers from Fort Smith in a whistleblower case has found himself in the middle of a surveillance attempt on the part of the police. According to his statement, the evidence in the case was sent to him on a hard drive, which is not the usual practice of the police. Most frequently, evidence is sent by email or through the post office. This is what triggered the alarm and made the lawyer much more cautious about the contents of the hard drive.

The lawyer, Matthew Campbell, works at the Pinnacle Law Firm and sent the hard drive to security experts for inspection. What came back from the inspection shocked him a great deal: four “Trojans” had been added to the hard drive, and the lawyer (along with the security experts and the firm where Campbell works) suspects that such malware cannot have been planted there by accident. The Trojans included:

  • Win32:Zbot-AVH[Trj], a password logger and backdoor
  • NSIS:Downloader-CC[Trj], a program that connects to attacker-controlled servers and downloads and installs additional programs, and
  • Two instances of Win32:Cycbot-NF[Trj], a backdoor

Campbell's reaction has been direct and straightforward. He was quick to point out that something is suspicious about the whole case, given the severity of the impact these Trojans can have on a computer:

“One would have kept my Internet active even if I tried to turn it off, one would have stolen any passwords that I entered in, and the other would have allowed the installation of other malicious software,” Campbell said. “It’s not like these are my only clients, either. I’ve got all my client files in my computer. I don’t know what they were looking for, but just the fact that they would do it is pretty scary.”

The police have offered no actual comment on the matter. Kevin D. Lindsey, the chief of police there, admitted on Monday that he had looked at the motion filed by Campbell, but he had no comment to share with the public.

To quote his statement:

“We’re going to let the courts speak on that when the time comes,” he said, continuing: “We’ll let the courts get this worked out and let the disposition speak for itself.”

Should this be proven in court, it would certainly be serious wrongdoing by the police. If there is even a thread of truth in these accusations, everyone would be very hesitant about how to deal with the police and the evidence presented to them.

Written by: Ali Qamar, Founder/Chief Editor at SecurityGladiators.com

Author Bio:
Ali Qamar is an Internet security research enthusiast who enjoys “deep” research to dig out modern discoveries in the security industry. He is the founder and chief editor at SecurityGladiators.com, an ultimate source for worldwide security awareness with the supreme mission of making the Internet safer, more secure, aware and reliable. Follow Ali on Twitter @AliQammar57

Edited by Pierluigi Paganini

(Security Affairs –  spyware, hard drive, Trojan)
