By Dustin Slaughter
Law enforcement agencies have unwittingly been distributing potentially dangerous malware in the form of “Internet Safety Software” to communities in Scranton, Allegheny, Abington, and Delaware Counties.
Revelations about the software, called ComputerCOP, and the agencies distributing it, were released by the Electronic Frontier Foundation yesterday.
The software contains what is called a “keylogging” feature that captures information and – crucially – transmits it to third-party servers without encryption. This leaves any sensitive data entered into a computer, such as home addresses, names, birth dates, and more, open to exploitation by identity thieves and others.
Additionally, because the software doesn’t use even the most basic encryption standards, “law enforcement agencies are passing around what amounts to a spying tool that could easily be abused by people who want to snoop on spouses, roommates, or co-workers.”
According to EFF, ComputerCOP has already been distributed by 245 agencies in 35 states across the country. Locally, the Scranton Police Department, Allegheny County District Attorney, Delaware County District Attorney, and Abington Township Police Department have given out copies of ComputerCOP to their communities.
Law enforcement agencies often pay for this product with funds seized from civil asset forfeiture programs.
The software packaging often contains “endorsements” from organizations including the U.S. Treasury Department, the American Civil Liberties Union, and the National Center for Missing and Exploited Children; the only legitimate endorsement came from the NCMEC, which expired some time ago. The Treasury Department has actually issued a fraud alert over ComputerCOP’s claim.
EFF provides assistance to families that want to effectively remove ComputerCOP from their computers.