Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Hackers want to sabotage law enforcement agencies

Add to del.icio.us     Digg this story Digg this

December 18, 2009

A few days ago, a ring of hackers have released a new program they say completely undermines a suite of law enforcement forensics tools that Microsoft provides for free to hundreds of policemen, the FBI and Interpol.

Dubbed "Decaf", the hacker's software is an application that monitors Windows systems for the presence of COFEE, a bundle of about 153 point-and-click tools used by police and law enforcement agencies around the world to collect digital evidence at various crime scenes.

When a USB pen containing the software is attached to a protected PC, Decaf automatically executes a seried of countermeasures aimed at helping law enforcement.

Click here to order the best dedicated server and at a great price.

"We want to promote a healthy and unrestricted free flow of Internet traffic and show why law enforcement should not solely rely on Microsoft to automate their intelligence evidence gathering," one of the two hackers behind Decaf said in explaining the objective of the project.

In November, when COFEE leaked out on the Internet, Microsoft downplayed concerns the breach would allow hackers to create countermeasures. Microsoft representatives weren't immediately available for comment when called.

Decaf features a wide variety of user-driven countermeasures against COFEE. In addition to "nuking" temporary files within seconds of detecting files or processes associated with the investigative tool, Decaf can also clear all COFEE logs, disable USB drives and even contaminate or spoof a variety of MAC addresses on the same Windows computers.

Future versions of Decaf even promise to add new features that allow users to remotely lock down protected systems, says the hacker, which has asked to remain anonymous.

The software giant has been pouring COFEE in its Windows operating system to law enforcement officers since at least June or July of 2007.

COFEE, an acronym for Computer Online Forensic Evidence Extractor, packages forensics tools onto an easy-to-use USB stick that allows investigators to easily collect browsing history, temporary files and other sensitive and compromising data from most Windows-based PCs.

COFEE is freely distributed through Interpol, Microsoft has said.

Decaf began seeding on private BitTorrent trackers on Dec. 13 in the afternoon.

The release of the software follows a leak in November of COFEE. By the time Microsoft lawyers demanded the removal of COFEE from sites such as Cryptome, 'the rabbit was already out of the hat'.

As of today, COFEE still remains available on Wikileaks.

While the program's authors are making available the Decaf executable, they are not releasing the source code for fear that the signatures used will be reverse engineered.

The end user license agreement that accompanies the software states: "You will not disassemble, decompile or reverse engineer it, in whole or in part, except to the extent expressly permitted by law. You will not use DECAF for illegal purposes. You will comply with all export laws. DECAF is licensed, not sold."

Add to del.icio.us     Digg this story Digg this

Source: HTS.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.


Get your Linux or Windows dedicated server today.


The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.