Virustotal - FBI Cooperation

Mark Steward marksteward at gmail.com
Sun Oct 21 15:42:23 PDT 2018


Are you saying you can't share it because it was only on VT, and you don't
have the original any more?


Mark


On Sun, 21 Oct 2018, 19:06 Ryan Carboni, <ryacko at gmail.com> wrote:

> I have obtained a file that I believe is government malware. It hashes
> to D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F, and is
> signed by Microsoft.
>
> This should be the appropriate link:
> https://www.virustotal.com/en/file/D7161581BAAA04FC2E515BF724CC2CC17C2520A3574717D53A8F9D638E3D30F
>
> However when trying to archive the link, the link comes up as 404.
> https://archive.fo/d0eR0 <http://archive.fo/d0eR0> I have a photograph of
> the virustotal scan, while I believe I am pwned, the government is well
> aware of the first amendment concerns of altering photographs in a person’s
> possession as opposed to merely suppressing scans or whatever balancing
> test they hide away from us. I could upload the screenshots, but I’m using
> a different computer right now and I’m a bit on edge from all this.
>
> It is not inconceivable that the FBI and virustotal are cooperating with
> known file hashes and are suppressing them from public view, especially
> given that virustotal gives access to uploaded files to major cyber
> security and antivirus firms.
>
> I would like to know the process in which these irregularities occur, and
> whether or not there are consequences for misuse of valid activities for
> corrupt ends and what checks are there on it.
>
> Maybe the relevant civil liberties concerns could investigate.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2178 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20181021/fe5e8e43/attachment.txt>


More information about the cypherpunks mailing list