Lawyer says cops tried to trick him into downloading malware

An Arkansas lawyer representing whistleblowers claims cops sent back an external hard drive loaded with Trojan viruses in response to a discovery demand for digital evidence.

Mar 1, 2020, 5:49 am*

Tech

 

JC Sevcik

A lawyer in Arkansas is alleging officials at the Fort Smith Police Department (FSPD) attempted to infect his computer with Trojan viruses. The lawyer says he found malware on an external hard drive provided by police in response to a discovery demand for digital data in a lawsuit filed under the state’s “Whistle-Blower Act,” according to Ars Technica

Attorney Matt Campbell is representing Don Paul Bales, Rick Entmeier, and Wendall Sampson Jr., current and former officers with the department. The three whistleblowers reported wrongful terminations and accused civilian employees of illegally obtaining overtime pay to internal affairs. The men claim they’ve been illegally investigated and otherwise unfairly retaliated against for attempting to call out Department brass’ corrupt conduct.

“Since July 2013, the plaintiffs have been the target of nearly two dozen various investigations, ranging from accusations that they misspent FSPD funds to allegations that they were impugning the FSPD on Facebook,” Campbell told the Northwest Arkansas Democrat Gazette.

Campbell’s case compelled FSPD to hand over emails as evidence. When the defendant’s representation Fed-exed him a hard drive instead of complying with the discovery demand through typical channels (cloud storage, email, USPS) Campbell became suspicious and asked his IT expert, Geoff Mueller, an information security manager operating out of Austin, Texas, to take a look. 

“I thought ‘I’m not plugging that into my computer,’ so I sent it to him to inspect,” Campbell said. 

Mueller found not only that the the disk contained malware but that the four Trojans he discovered appeared to have been placed there intentionally. 

“One would have kept my Internet active even if I tried to turn it off, one would have stolen any passwords that I entered in, and the other would have allowed the installation of other malicious software,” Campbell said. 

“It’s not like these are my only clients, either. I’ve got all my client files in my computer. I don’t know what they were looking for, but just the fact that they would do it is pretty scary,” he added. 

“Upon informing Mr. Campbell of the presence of these Trojans, he provided me with information that the Fort Smith Police Department claimed to be running a secure system with real-time virus and malware protection. In my experience, if the FSPD system is actually as described, these Trojans would not exist on the system,” Mueller wrote in an affidavit filed with the Circuit Court of Sebastian County April 10. 

“Additionally, the placement of these Trojans, all in the same sub-folder and not in the root directory, means that [t]he Trojans were not already on the external hard drive that was sent to Mr. Campbell, and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell’s computer while also stealing passwords to his accounts,” Mueller went on. 

In the motion filed last Friday, Campbell accuses FSPD of deleting entire email accounts instead of handing over the evidence as Judge James O. Cox compelled them to do in an order issued May 9, 2014.

 “We’ll let the courts get this worked out and let the disposition speak for itself,” Police Chief Kevin D. Lindsey said when pressed for comment by the Democrat Gazette. 

Campbell has retained a lawyer and intends to file suit against FSPD over the attempted infection, alleging one state and three federal felony violations. 

H/T Ars Technica | Photo via Eduardo Gaviña via flickr (CC BY 2.0) | Remix by Max Fleishman 

Share this article
*First Published: Apr 15, 2015, 5:17 pm