Virustotal - FBI Cooperation
I have obtained a file that I believe is government malware. It hashes to D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F, and is signed by Microsoft. This should be the appropriate link: https://www.virustotal.com/en/file/ D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F However when trying to archive the link, the link comes up as 404. https://archive.fo/d0eR0 <http://archive.fo/d0eR0> I have a photograph of the virustotal scan, while I believe I am pwned, the government is well aware of the first amendment concerns of altering photographs in a person’s possession as opposed to merely suppressing scans or whatever balancing test they hide away from us. I could upload the screenshots, but I’m using a different computer right now and I’m a bit on edge from all this. It is not inconceivable that the FBI and virustotal are cooperating with known file hashes and are suppressing them from public view, especially given that virustotal gives access to uploaded files to major cyber security and antivirus firms. I would like to know the process in which these irregularities occur, and whether or not there are consequences for misuse of valid activities for corrupt ends and what checks are there on it. Maybe the relevant civil liberties concerns could investigate.
Are you saying you can't share it because it was only on VT, and you don't have the original any more? Mark On Sun, 21 Oct 2018, 19:06 Ryan Carboni, <ryacko@gmail.com> wrote:
I have obtained a file that I believe is government malware. It hashes to D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F, and is signed by Microsoft.
This should be the appropriate link: https://www.virustotal.com/en/file/D7161581BAAA04FC2E515BF724CC2CC17C2520A35...
However when trying to archive the link, the link comes up as 404. https://archive.fo/d0eR0 <http://archive.fo/d0eR0> I have a photograph of the virustotal scan, while I believe I am pwned, the government is well aware of the first amendment concerns of altering photographs in a person’s possession as opposed to merely suppressing scans or whatever balancing test they hide away from us. I could upload the screenshots, but I’m using a different computer right now and I’m a bit on edge from all this.
It is not inconceivable that the FBI and virustotal are cooperating with known file hashes and are suppressing them from public view, especially given that virustotal gives access to uploaded files to major cyber security and antivirus firms.
I would like to know the process in which these irregularities occur, and whether or not there are consequences for misuse of valid activities for corrupt ends and what checks are there on it.
Maybe the relevant civil liberties concerns could investigate.
participants (2)
-
Mark Steward
-
Ryan Carboni