Russian Agency Charges FBI Agent With Hacking
eNonymous Coward writes "An FBI agent who helped lure two Russian 'hackers' to the USA in 2000 so that they could be arrested is now being charged with hacking himself by the Russian FSB. You might remember that Gorshkov and Ivanov exploited an NT vulnerability to steal information from corporate networks, which was then used to extort money from the companies; they're also accused of being behind the CDUniverse and Western Union credit card database thefts. Last year a federal judge ruled that the FBI's action was legal, but the FSB disagrees."
This was an interesting case. The description of how the agents lured the Russian "hackers" to the US was beyond belief.
Michael was back at the office downloading data from their computers like mad while they took them to lunch.
The Russians were very chatty, too chatty for their own good. IIRC they had something like 350 pages (an entire binder) of transcribed conversations with them. As is usual, the "hackers" were tooting their own horns.
I was called as a witness in the case to testify to data they had recovered and statements the Russians had made. The Russians had lied about the level of access they had. However, these people were very persistent; they spent a month or so just learning and tinkering, trying to get a relatively small amount of data.
It's clear what their motives were, though. They were stealing credit cards, setting up eBay auctions and using proxy PayPal accounts to pay themselves for eBay auctions they had set up themselves.
I got to learn how seriously PayPal takes "hackers" and abuse. Both PayPal and eBay (now the same) have professionals dedicated to tracking down "hackers" and fraud.
"I can't understand how a federal judge can have the sort of authority to declare the action legal when it doesn't appear to be a federal matter."
The case appears to be before Judge Coughenour, a federal judge sitting in Seattle. During the course of a typical case, judges routinely have to rule on federal and state legal issues that come up. On federal law questions, the judge looks primarily to the past decisions by the US Supreme Court and the 9th Circuit Court of Appeals.
For state law issues, Judge Coughenour has to apply and abide by past rulings of the Washington State courts, and especially its Supreme Court.
For a specific example, the Russian defendants can claim rights under both the 4th Amendment to the US Constitution and similar provisions of the Washington Constitution against unreasonable searches and seizures. You may have more (or fewer) rights under your state constitution than you do under the Federal. Coughenour would look to federal precedents to decide the federal issue and look to state precedents to decide the Washington state issue.
If the Russians think that Coughenour gets either the state or federal issues wrong, they can appeal to a higher Federal Court of Appeals and on the state law issue, there is a process for the Court of Appeals to ask the Washington Supreme Court for their opinion.
On the issue of who wins the dispute over whether the FBI agent broke Russian law, there is no single answer. If the Russian courts ultimately decide the FBI agent broke their laws, they can convict him and sentence him to prison. Their problem is getting hold of the FBI agent to put him on trial in the first place. Don't look for a U.S. Court to order that a Russian extradition request for the FBI agent be honored. This case should make a nice final exam question for "Conflicts of Law" courses in lots of US law schools next May.
http://www.canoe.ca/CNEWSTechNews0105/10_hackers2-ap.html
High-tech net snags hackers
By ALLISON LINN -- The Associated Press
SEATTLE (AP) -- Invita Security Corp. looked like a typical Internet company: It had offices, computers, employees and a secure computer system. The only thing missing was the customers.
Far from being a failed start-up, the aptly named Invita turned out to be a bogus company set up by the FBI to ensnare two young Russians accused of breaking into U.S. Internet companies' computers, stealing sensitive data and trying to extort money.
Authorities say Alexey Ivanov, 21, and Vasily Gorshkov, 25, both of Chelyabinsk, fell for the bait. They were arrested and jailed on charges including conspiracy and fraud and are set for trial May 29 in federal court in Seattle.
The FBI declined to comment. But in recently unsealed court documents that read like a spy novel, agents tell how they snagged the alleged thieves by creating the shell company and inviting Ivanov and Gorshkov to try to hack into it.
After Ivanov and Gorshkov succeeded from afar, FBI agents posing as Invita employees invited the two to Seattle to discuss a partnership and further display their hacking prowess.
As the Russians demonstrated their skills at the shell company, the FBI used a computer eavesdropping technique to reach across the Internet and break into the suspects' own computer system in Russia.
Internet security experts say the case illustrates well how the FBI's cybercrime-fighting abilities have evolved -- though the defense is questioning the legality of the agency's methods.
"What they did was phenomenal. It was exceptionally effective," says Kevin Mandia, who worked for the Air Force office of special investigations and taught FBI courses in hacker attacks before joining the Irvine, Calif., Internet security company Foundstone. "Five years ago they wouldn't be able to do that kind of thing."
Mandia says that the FBI, after being ridiculed as ill-equipped to fight computer crime, has made remarkable progress, including adding a program that has trained more than 1,000 agents in cybercrime.
The FBI believes the Russian suspects or their associates could have been involved in hundreds of crimes against U.S. companies, including Kirkland-based Lightrealm.com, an Internet access company, and Palo Alto, Calif.-based PayPal, an online payment business.
First, the FBI alleges, the hackers broke into computer systems. Then, authorities say, they sent e-mails to company officials demanding payment in exchange for not distributing or destroying sensitive documents including financial records.
After tracking down the suspects over the Internet, the FBI invited them to Seattle in November for the Invita gambit.
Court records show that while Gorshkov was using an Invita computer, the FBI secretly used a "sniffer" program that logs every keystroke a person types.
Using passwords recorded by the "sniffer," the FBI was then able to enter the computers in Russia where Gorshkov kept his data and download immense amounts of information.
In court documents, Gorshkov's lawyer, Kenneth E. Kanev, has challenged the FBI's right to use that material, claiming his client's privacy was invaded because he did not consent to have his computer usage recorded. Kanev contends the FBI should have obtained a search warrant before downloading the information.
The investigators say they were forced to follow this procedure because they needed to secure the incriminating information before the two suspects' Russian counterparts destroyed the data.
The Invita case could define how far U.S. law enforcement can go to catch non-citizens who break into American systems.
"This case is going to resolve a very thorny legal question," says Marc J. Zwillinger, a former Justice Department computer expert now in private practice in Washington.
The case could test the admissibility of evidence obtained through the covert recording of computer keystrokes, a technique the FBI also used in a case against an alleged mobster in New Jersey, Nicodemo S. Scarfo Jr., that is expected to go to trial later this year.
Today's most serious hacker threats come from outside the United States or go through computers abroad. Russian hackers, in particular, have been behind several of the biggest Internet theft cases.
US is now divided as the "Red" and "blue" states. Red States = communist countries. Coincidence? I think not.