An Arkansas lawyer representing three police whistleblowers has claimed that law enforcement officials at the Fort Smith Police Department (FSPD) infected his computer with a virus in order to spy on the defendants.
Lawyer, Matthew Campell, of Pinnacle Law Firm in North Little Rock is in an active legal battle, representing former officers Don Paul Bales, Rick Entermeier, and Wendall Sampson. The ongoing lawsuit alleges former Fort Smith police official, Don Paul Bales and the two other individuals were illegally investigated after reporting they had been wrongfully terminated and reporting overtime pay practices in the department.
The trio of whistleblowers exposed fraud within the department, in turn, the police tried to illegally surveil the lawyer and the whistleblower dealings.
“Since July 2013, the plaintiffs have been the target of nearly two dozen various investigations,” Campbell told the NADG.
How did Campell’s computer become infected? Campell provided the authorities with a blank hard-drive, requesting the department load the disk with e-mail’s and other data he was allowed to legally obtain in his discovery request. After authorities loaded up the disk with the requested information, department officials added a little extra data Campell didn’t request.
When Campell finally plugged the external hard-drive in, he found a subfolder titled D:\Bales Court Order, Campell’s security consultant, Geoff Mueller, alleges he found three well-known Trojans loaded in folder, including:
- Win32:Zbot-AVH[Trj]: Password stealer and backdoor.
- NSIS:Downloader-CC[Trj]: Software designed to report data back to the attackers server, while updating and installing the malware.
- Win32Cycbot-NF[Trj]: Program that opens loopholes in the computer allowing attackers to easily infect the machine.
The trio of Trojans are generally easily detected with an up-to-date antivirus software. In an affidavit filed [PDF] in the whistleblowers case, Campell’s security consultant made it clear it is highly unlikely the malware-laden files were copied on the hard-drive by accident, citing that Fort Smith police department systems run on real-time/up-to-date anti-virus software.
“Additionally, the placement of these trojans, all in the same sub-folder and not in the root directory, means that [t]he trojans were not already on the external hard drive that was sent to Mr. Campbell,” Mueller said,“and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell’s computer while also stealing passwords to his accounts.”
A public information officer for the Fort Smith Police Department declined comment to media outlets, noting the matter is being reviewed and will be presumably be under investigation.
Not only did Campell’s hard-disk contain Trojan viruses, the Arkansas-based Lawyer has also accused the department officials of deleting swaths of emails related to the ongoing case, according to the motion for sanctions/affidavit.
Campell’s earlier discovery order requested that Forth Smith Department turn over all relevant emails, meanwhile, Forth Smith officials began deleting a large number of emails from their system that the department had the ability to recover, as had been provided in previous freedom of information requests.
The lawyer now requests the department be held in criminal contempt and the judge side with the trio of whistleblowers. However, a resolution has yet to be determined.
Just last September, Arkansas State Police officials declined Campell’s request that the criminal investigation division investigate how the hard-drive came pre-packed with malware-laden files. “The allegations submitted for review appear to be limited to misdemeanor violations which do not rise to a threshold for assigning a case to the CID Special Investigations Unit,” the commander of the CID said September 29, in a letter declining Campell’s request. The prosecuting attorney for the court district also declined Campell’s investigation request, claiming the district doesn’t have enough technical resources to conduct an accurate investigation. The prosecuting attorney went on to say the U.S. Justice Department may have legal authority to conduct an accurate investigation.