Computer and Internet Protocol Address Verifier

CIPAV ( C omputer and I nternet P rotocol A ddress V erifier ) is Windows-based spy software that is used by the FBI to search suspects' PCs. In contrast to the so-called federal Trojan , it is only used by the FBI with a judicial search warrant. After the installation, the software sends data about hard disk contents, used and installed programs, information about the browser and operating system, serial number as well as all user information from the Windows registry . The transmitted activities on the Internet are made up of the URL visited and all IP addresses that were accessed.

Diffusion technique

According to the FBI, the software is sent from a computer via email or instant messaging and is installed on the target computer. The software can also be transferred to the target computer via Internet offers from other Internet service providers such as MySpace or Google Mail .

There is the assumption that this explanation is only being used as a technically simple distribution by the FBI in order to conceal that such software is much more effective (i.e. without a user error or breaking into someone else's computer) with the help of a man-in-the middle attack can be installed via updates of the operating system or the virus scanner. If there is cooperation with the manufacturers of operating systems or virus scanners, there are almost no technical possibilities for the user to defend himself against such attacks.

Federal Trojan

In July 2007, German federal authorities asked the USA about the CIPAV monitoring program. It is unknown whether the FBI passed on the program or information about its functioning to the German federal authorities.

See also

• Online search
• Man-in-the-middle attack

Web links

• Sample search warrant requesting a CIPAV search (PDF; 623 kB; English)
• Article on the technical functioning of Trojan attacks heise.de
• Wired.com: 150 pages of declassified FBI CIPAV spyware documents

Individual evidence

1. ↑ CIPAV? (PDF; 2.7 MB) In: Federal Bureau of Investigation . July 24, 2007, archived from the original on May 23, 2012 ; Retrieved October 14, 2011 . 
2. ↑ Tim Zetter: Germany Sought Info About FBI Spy Tool in 2007. In: Wired . October 13, 2011, accessed October 14, 2011 .