Malware

Whistleblowers’ lawyer claims Ark. police dept. put malware on hard drive

Share

A lawyer representing three whistleblowers – all from a police department in Fort Smith – in a case before an Arkansas circuit court has accused the department of planting malware on an external hard drive he had provided for them to populate with emails and other information he made in a discovery request.

Attorney Matt Campbell of North Little Rock has asked the court to find police officials in contempt for that and other tactics used to thwart the discovery process. Campbell is representing three police officers, one, Don Paul Bales, the former police chief in Fort Smith, who say they were the focus of unwarranted and illegal investigations after they had reported improper practices in the department regarding overtime pay and terminations.

Campbell had requested email and other documentation during discovery but was met with obstacles and resistance from police department officials. The court in May ordered the department to comply. Instead, though, the court documents said the “defendants have engaged in intentional spoliation of evidence by deleting entire email accounts” without letting Campbell's team search them and continued to do so when they failed “to preserve and provide deleted emails” that they admitted were recoverable. Much of the data provided was improperly redacted as well.

Campbell had presented the police department with an external hard drive, which it was to use to provide documentation requested in discovery. When the hard drive was returned to the attorney, he asked an IT specialist to take a look at it.

In an affidavit provided to the Court, that specialist, Geoff Mueller, manager of  information systems at the Lower Colorado River Authority, said he found four trojans on the hard drive – a Win32:Zbot-AVH[Trj], a password stealer; an NSIS:Downloader-CC[Trj], malicious software installer, and two Win32Cycbot-NF[Trj] backdoors that affect command-and-control.

Mueller said his investigation showed that the trojans “were more likely” placed on a folder in the drive “intentionally” to take control of Campbell's computer and for “stealing passwords to his accounts.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.