Lawyer representing whistle blowers finds malware on drive supplied by cops

Says police department brass tried to infect him, seeks criminal sanctions.

An Arkansas lawyer representing current and former police officers in a contentious whistle-blower lawsuit is crying foul after finding three distinct pieces of malware on an external hard drive supplied by police department officials.

The hard drive was provided last year by the Fort Smith Police Department to North Little Rock attorney Matt Campbell in response to a discovery demand filed in the case. Campbell is representing three current or former police officers in a court action, which was filed under Arkansas' Whistle-Blower Act. The lawsuit alleges former Fort Smith police officer Don Paul Bales and two other plaintiffs were illegally investigated after reporting wrongful termination and overtime pay practices in the department.

According to court documents filed last week in the case, Campbell provided police officials with an external hard drive for them to load with e-mail and other data responding to his discovery request. When he got it back, he found something he didn't request. In a subfolder titled D:\Bales Court Order, a computer security consultant for Campbell allegedly found three well-known trojans, including:

  • Win32:Zbot-AVH[Trj], a password logger and backdoor
  • NSIS:Downloader-CC[Trj], a program that connects to attacker-controlled servers and downloads and installs additional programs, and
  • Two instances of Win32:Cycbot-NF[Trj], a backdoor

All three trojans are usually easily detected by antivirus software. In an affidavit filed in the whistle-blower case, Campbell's security consultant said it's unlikely the files were copied to the hard drive by accident, given claims by Fort Smith police that department systems ran real-time AV protection.

"Additionally, the placement of these trojans, all in the same sub-folder and not in the root directory, means that [t]he trojans were not already on the external hard drive that was sent to Mr. Campbell, and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell's computer while also stealing passwords to his accounts."

In last week's court filings, Campbell asked the judge hearing the suit to hold the plaintiffs in criminal contempt and impose other court sanctions. The request is under submission, and it's not clear when the judge will rule on the motion.

A public information officer for the Fort Smith Police Department declined to comment on the matter until after officials have reviewed the allegations.

Last September, Arkansas State Police officials declined Campbell's request that the agency's criminal investigation division probe how the hard drive sent to Campbell came to be booby-trapped. "The allegations submitted for review appear to be limited to misdemeanor violations which do not rise to a threshold for assigning a case to the CID Special Investigations Unit," the commander of the CID wrote in a September 29 letter declining the request. The prosecuting attorney for Arkansas' 12th Judicial District has also declined Campbell's request to investigate, saying the district doesn't have the technical resources to conduct such a probe. The prosecuting attorney went on to say the US Justice Department may have the legal authority to probe the matter.