Follow by Email

Sunday, December 28, 2008

A Massive Fraud, Complete with Domestic Spying

It is a story, in the post-9/11 era, that will surprise some, not surprise some others, but probably will scare everyone that reads it. Because chances are, if you are reading this, you are one of its victims. To its creator, and sponsors (more on them later), it was known as Project Leviathan, and it was created, I believe, in 2005, and put into operation late that year and in early 2006. For those of us who are not major computer geeks (or hackers), the details of how it works, and what it does, are a little difficult to plumb; but in a nutshell, this hacker program runs invisibly wherever the hacker plants it, and it captures whatever information the hacker wants it to capture, including, if the hacker chooses, every keystroke you make. If PL is planted on a site that you, the reader, has used, PL has captured everything you typed on that site, including your password, and any non-public information that would ordinarily not appear on the website.

It is impossible to know which, or how many websites have had PL implanted on them. My guess, knowing who sponsored PL, is at least hundreds, perhaps thousands. I know of at least one affected website, and considering those involved, it is not the only one; considering their aims, they cast as wide a net as possible "in order to protect the homeland."

Oh, and the massive fraud? Well, suppose you launched a website with a stated purpose, advertised it on Craigslist, and waited for folks to come and sign up? Suppose then, that your marketing pitch was so well-crafted, and the folks that you attracted to your website were so talented, that soon thousands were joining and participating? And suppose that while your site was making good on its promises to registered users, it was also performing psychological experiments on them, using group dynamics to test out social theories, and using PL to capture every bit of private, confidential, sensitive information about each and every one of them? That last part would be the massive fraud.

PL is invisible to almost every security firewall software that has been written. It will not be picked up by scans. It will not be detected by network searches. It runs silent, and deep, and does not go away until the person who implanted it removes it. In many ways, it may the greatest hacker software ever written. Its author is certainly going to be well-known for it. Its author? Oh, yes, I know who wrote PL. You will too, when my full report is posted.

I have finished my reporting on this story, but need another day to edit it and make sure that I have not missed anything important. I hope to have the full report done and posted tomorrow, so watch this space.

No comments: