FBI tracked 'teen bomber' using spyware

FBI agents trying to track down an anonymous MySpace user who was threatening to blow up a school used spyware to trap him. 

Fifteen year-old student Josh Glazebrook had the surveillance software sent to him by government agents after he threatened Timberline High School near Seattle. 

According to an affidavit obtained by Wired News, FBI agent Norman Sanders described the software as a "computer and internet protocol address verifier".

The spyware program, which is known as CIPAV, logs the following:

• The computer's IP address
• The MAC address
• The person's username
• The last URL visited
• A list of open ports
• Computer programs that are running
• The operating system
• The internet browser and version
• The computer's registered owner
• The IP address of every other computer to which the PC connects for up to 60 days

Graham Cluley, senior technology consultant at Sophos, said that the use of spyware is not yet widespread among law enforcement agencies. 

"We have not seen any evidence that this practice is becoming commonplace, but there have been occasions when the crime-fighting authorities have used malware to their advantage," Cluley told vnunet.com.

"Way back in 2001 we wrote of our concerns about the FBI running a project called Magic Lantern which was designed to do just this." 

Cluley explained that people supporting the use of spyware to monitor possible criminal behaviour often compared it to tapping a suspect's phone line.

"However, there is a difference between tapping a phone line and installing malicious code on a user's computer," he said.

"Malicious code on a user's computer can be copied, archived, adapted and potentially used by people who do not work for the authorities to spy on completely innocent victims."

Glazebrook pleaded guilty to felony harassment, making bomb threats and identity theft earlier this week.