[Infowarrior] - FBI Looking to Buy Malware From Security Vendors

Richard Forno rforno at infowarrior.org
Thu Feb 6 10:17:48 CST 2014


FBI Looking to Buy Malware From Security Vendors

http://www.securityweek.com/fbi-looking-buy-malware-security-vendors

The FBI has placed malware on its shopping list, and is turning to vendors to help the agency build a massive library of malicious software. 

According to a 'Request for a Quote' posted on the Federal Business Opportunities website, the FBI is looking for price quotes for malware for the Investigative Analysis Unit of the agency's Operational Technology Division.

"The Operational Technology Division (OTD), Investigative Analysis Unit (IAU) of the FBI has the following mission: Provide technical analysis of digital methods, software and data, and provide technical support to FBI investigations and intelligence operations that involve computers, networks and malicious software," according to the document (.doc).

"The IAU has a team of highly trained technical analysts, specialists and engineers providing on-scene technical support, employing innovative, custom developed analytical methods and tools to analyze collected data," the document continued. "Critical to the success of the IAU is the collection of malware from multiple industry, law enforcement and research sources."

According to the request for quote, any malware submissions must meet a set of baseline functional requirements:

i.    Contain a rollup of sharable malware as included in the malicious URL report

ii.   Be organized by SHA1 signatures

iii.  Be updated once every 24 hours

iv.   Be a snapshot of the prior 24 hours

v.    Be, on average, 35 GB per day and include the following file types:

        Executable file types from Unix/Linux, Windows and Macintosh
        Archive files
        Image files
        Microsoft Office documents
        Audio and Video files
        RTF files
        PDF files
        PHP files
        JavaScript files
        HTML files

vi.   Be able to retrieve feed in an automated way through machine-to-machine communication

vii.  Initiations of accessing feed shall be pulled by IAU not pushed to IAU

The agency does not say precisely how the malware will be used, but the document calls the collection of malware from law enforcement and research sources "critical to the success of the IAU's mission to obtain global awareness of malware threat."

"The collection of this malware allows the IAU to provide actionable intelligence to the investigator in both criminal and intelligence matters," according to the document.

The FBI did not respond to a request for more information from SecurityWeek before publication.

"The FBI reserves the right to request a sample product for test and evaluation purposes," the document notes. "If a test sample is requested, the vendor will be notified when and where to send the sample. Given the nature of the solicitation, any test/sample product(s) will be removed/deleted at the conclusion of testing. To ensure that sufficient information is available, the Offeror must furnish, as a part of the quote, all descriptive material necessary for the purchasing activity to determine whether the product meets the salient characteristics of this requirement."

Price quotes and a description of capabilities are due on Feb. 14.

---
Just because I'm near the punchbowl doesn't mean I'm also drinking from it.


