Sniffer company details software's role in FBI sting

Michael S. Mimoso, Editorial Director
What are the long-range implications of the FBI's use of Investigator and their sting operation against the hackers?
There are legal issues raised with what the FBI has done. For the first time, they've gone into another country and accessed information from a computer. That has never happened before. These guys (the Russians) had no expectation of privacy. Sure, there's been some of the 'these poor hackers' going around. But, this is the first time the FBI has used technology to go into a server in a foreign country.

Investigator was apparently installed on two computers in Seattle and used to monitor the hackers' keystrokes to obtain their passwords to the Russian computers. How long has Investigator been around?
Investigator has been around in one form or another since 1993. I would say this is the sixth or seventh version of the software and I've seen everything go by in that time. Most of our customer support time on the phone is spent with husbands and wives, mostly because they're not that computer literate. Most of our customer support is spent with that small percentage of our customer base, that's why they come to mind.

How did you learn Investigator was the tool that broke the Russian hacker case?
I read the Seattle Times article on the FBI-Russian hackers case and I said, 'hey, that sounds like Investigator.' I sent a friend of mine over to the courthouse for the case file and they handed it over to him. And there it was, in an FBI affidavit. I said, 'Wow, look at that.' There have been other cases where I have suspected that Investigator was used, but we were never able to prove it. And the FBI would never go public with that information.

Can you tell us about Investigator, how it works, who uses it and what it's used for?
There's all sorts of uses for it. Who uses it? We've got everyone from disgruntled spouses using it, to parents with teen-agers, to small corporations, to large corporations to government agencies -- anyone who wants to know what's going on with their computer systems. Investigator software records everything that happens on a computer, from every file that's opened or moved, to where you've gone on the Internet to every keystroke that is made on a keyboard. All of it delivered in shocking detail. I run it on myself all the time and it reports things I don't remember ever doing.

What kind of information does Investigator report?
Investigator issues reports in spreadsheet format with rows and columns. The top row contains the user name, computer name, start time, elapsed time, date, the number of keystrokes -- raw and formatted keystrokes -- all in sequential order. And you can filter down your reports to receive just specific information.


Read the FBI's affidavit regarding their use of Investigator

searchSecurity has the Best Web Links on computer forensics

searchSecurity talks to a cyber detective in this news item: "Veteran sleuth on cutting edge of cybercrime investigation"
