Getting DIRT on the Bad Guys
Here's the ultimate weapon in the war against cyber crime.
by Tom Spring, PC World
June 29, 1999, 12:23 p.m. PT
To former detective Frank Jones, "secure network" is an oxymoron. The word "delete" isn't in his vocabulary. Password-protect your computer and you'll make his day.
And if you really get on Jones' bad side, he'll take complete control of your PC--and your first clue will be when you open your door and the boys in overcoats start flashing badges at you.
If you're among the anonymous thousands of cyber bad guys who inhabit the Internet's underbelly, Jones is your worst nightmare.
The retired New York City detective works on the law enforcement sidelines building software tools to help the government and police crack down on online criminals.
And his latest tool is considered the ultimate weapon.
Digging up DIRT
Jones wrote the widely used but little-known software program called DIRT. The program works like a telephone wiretap for computers, giving its users the ability to monitor and intercept data from any Windows PC in the world.
DIRT stands for Data Interception by Remote Transmission and was originally created by Jones as a tool to help snare online child pornographers. But in the short time it has been available, and only to government and law enforcement agencies, DIRT has come to be used to battle hacker groups like Cult of the Dead Cow and to trap terrorists, drug dealers, money launderers, and spies.
"What we do is give law enforcement an additional line of defense," says Jones, the president of Codex Data Systems.
The DIRTy Details
The client-side version of the DIRT program is less than 20KB in size and is typically installed on a target PC using a Trojan horse program (a set of instructions hidden inside a legitimate program). The DIRT program is usually sneaked inside an e-mail attachment, a macro, or a workable program that a targeted user is enticed to download.
Once inside a target Windows 95/98/NT computer, it gives law enforcement complete control of the system without the user's knowledge.
It starts off by secretly recording every keystroke the user makes. The next time the user goes online, DIRT transmits the log for analysis. Jones says government agencies have even managed to open encrypted files by obtaining password locks.
During a recent program demonstration, Jones easily uploaded files to, and downloaded files from, a DIRT-infected computer connected to the Net by a dial-up modem, without a hint of activity on the other end.
Copyright © 1999 PC World Communications. All Rights Reserved.