
malware botnet hacker? Innocent Nephew NEED A HERO TO SOLVE

45 Posts
11 Users
0 Likes
1,727 Views
(@tweedybird)
Posts: 24
Eminent Member
Topic starter
 

deleting all of my posts..thanks to everyone. God Bless.

 
Posted : 03/09/2018 12:05 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Maybe you should post your location (state/city), so maybe some member working in the area (or willing to travel) may contact you.

jaclaz

 
Posted : 03/09/2018 2:07 pm
Igor_Michailov
(@igor_michailov)
Posts: 529
Honorable Member
 

Hi TweedyBird,

Could you give me your contacts?

 
Posted : 03/09/2018 3:30 pm
(@tweedybird)
Posts: 24
Eminent Member
Topic starter
 

Sent PM with contact info..thanks

 
Posted : 03/09/2018 4:47 pm
tracedf
(@tracedf)
Posts: 169
Estimable Member
 

A few thoughts

Disclaimer: This is not legal advice, or even an expert opinion. I am shooting from the hip.

1) The prosecution has a pretty strong case given just a few key facts: child abuse images were printed in that house. Those images match thumbnails on your nephew's computer. Searches related to child abuse images were made from that computer.

2) The malware angle is a dead-end. I've heard of one or two cases where an employee successfully blamed malware/adware for pop-ups for (adult) pornography. I've never heard of that working in a CP case. And, it doesn't make sense. I don't think there are any malware strains or botnets whose purpose is to spread child abuse images. Those sites try to stay off the radar. Hacking is a very remote possibility, but you would need someone with technical skills, motive, and the willingness to seek out these images just to put them on someone else's computer. You said there was malware on the computer, but that's not enough. You need to show that the malware was actually responsible for the pictures/video.

3) You said that your nephew was at work on three dates when this activity occurred. How many dates did it occur? Who else used the computer? His stepfather? I think the possibility that someone else in the house is responsible is far more realistic than the malware/hacker angle. Is there any evidence that he was outside the house at the other times where this activity occurred?

4) It doesn't matter that he "does not use Bing". If I were the detective, prosecutor, or a member of the jury, I would just shrug my shoulders and say "he did that day." Other people may see it differently, but I don't think this will provide any serious doubt about the case.

5) You said you paid $28,000 for forensics. How many experts? How much time did they each spend on this? Typical rates are $250 and up so I'm guessing you've bought a hundred hours or so. If you've hired multiple experts and they haven't found anything to seriously challenge the prosecution's case, you should think long and hard before hiring another. It's possible that they were charlatans, but agreeing with the prosecution doesn't make them that. Did you get a CV from them? How long have they done forensics? How much training have they had? Did they have any forensic certifications? Are they in the forensics business specifically or are they general IT consultants or private investigators who just so happen to do a little forensics now and again?

6) Your nephew's lawyer should be the one running this case.

 
Posted : 03/09/2018 11:44 pm
(@tweedybird)
Posts: 24
Eminent Member
Topic starter
 

deleting all of my posts..thanks to everyone. God Bless.

 
Posted : 04/09/2018 5:34 am
tracedf
(@tracedf)
Posts: 169
Estimable Member
 

Regarding thumbnails: you're correct that thumbnails alone should not substantiate a charge. Laws against possession of child pornography require knowing possession (again, I'm not a lawyer) and thumbnails, especially deleted ones, typically lack the context needed to show that. But, in this case, you said (correct me if I'm wrong) that the thumbnails match the pictures that were printed and there are some search queries for keywords that relate to child pornography. That's probably enough to show the connection to a jury.

Do you have anything to substantiate the chat room threat? If not, it sounds too implausible (whether it's actually true or not). And, even if the threat is true, it could be hard to connect the threat to this unless it was really specific (e.g. "Pay me $10k or I'll put CP on your computer and turn you in.")

Botnets are generally big (thousands of machines up to millions). Commands are sent out to those bots as a group (e.g. everybody connect to the Playstation Network over and over for the next hour). It's not somebody establishing a remote connection to one machine and controlling it.

Regarding the searches: I'm not sure the 5-6 second gap is unusual. It could indicate clicking onto the next page of search results or clicking on a suggestion for related search terms. For example, I did a Bing image search for "Hard Drive" just now and it suggested "Computer Hard Drive", "Laptop Hard Drive", "PC Hard Drive", etc. I clicked on "Laptop Hard Drive" and it took me to the Bing image search results for that phrase. That's all reflected in my browser history and there's only a few seconds between those searches.

Based on what you've said, the most reasonable conclusion is that somebody browsed for and printed out child abuse images from that computer. It's possible that it was not your nephew and the fact that he was at work when some of this activity occurred is helpful. It's even possible that the things that printed out were already queued up but didn't print because of some issue and that the printer only spit them out when the computer rebooted. I am very doubtful about the hacker/malware angle without something concrete to substantiate it. But, if his attorney can show that he was away from home when much of this activity occurred, he may be able to cast enough doubt to win an acquittal. Obviously, I don't have the full details, but him being at work when some of this happened is the one thing you've said that makes me believe your nephew might be innocent (not just able to show reasonable doubt, but truly factually innocent).

If this were my nephew, I would tell him this: I love you and I believe you. But, if by some chance you did this and are afraid to let us down by taking the plea, you need to go back to your attorney and tell him. Tell him the truth so that he can do what's best for you and we'll get you the help you need when you get out. Don't go to prison for ten years because you're afraid to disappoint us.

 
Posted : 04/09/2018 6:47 am
tracedf
(@tracedf)
Posts: 169
Estimable Member
 

5) 1st forensics guy $5,000 didn't really find anything helpful..2nd one not much help but some and we were willing to hear anything at this point…so we are going to trial with him and we had to pay X hours in advance assuming the trial is a few days. Ergo the $20,000 advance payments + the $8,000 we already spent on him….

$20k in advance? How many days is he supposed to spend in the courtroom? Even at $400 an hour ($3,200/day), a very premium rate, that's more than a week in court. At $250/hour, that's two weeks in court. If there was travel and airfare involved, maybe. But…look closely at that bill. I'm not saying it's not legit, it just feels like a lot.

 
Posted : 04/09/2018 6:51 am
Bunnysniper
(@bunnysniper)
Posts: 257
Reputable Member
 

A few points from me:

- which evidence do you have now a Forensic Investigator could examine? What could you hand over or prepare for a download? A forensic sound image? Or only extracted files, let's say a few Eventlogs?
- which Windows Operating system did he use?

and one more thing: I never heard of anyone printing out illegal images…all cases I have heard from only involved saving, presenting and sharing of digital files. Why should a criminal present the evidence of his crime and print it on paper? Very odd.

regards,
Robin

 
Posted : 04/09/2018 8:03 am
(@tweedybird)
Posts: 24
Eminent Member
Topic starter
 

deleting all of my posts..thanks to everyone. God Bless.

 
Posted : 04/09/2018 12:22 pm