14 DAY TRIAL // A request for quote (RFQ) published on the website of the US Federal Business Opportunities shows that the Federal Bureau of Investigations needs malware, and a lot of it – 35 GB per day, to be more precise.
There’s a very good explanation for why the FBI needs malware. There are some stories about the FBI using malware in its investigations, including to track down an Iranian man suspected of making bomb threats.
In this case, the FBI says it needs malware for its Operational Technology Division’s (OTD) Investigative Analysis Unit (IAU), which provides technical analysis for investigations and intelligence operations that involve computers and malicious software.
“The collection of malware from multiple industries, law enforcement and research sources is critical to the success of the IAUs mission to obtain global awareness of malware threat. The collection of this malware allows the IAU to provide actionable intelligence to the investigator in both criminal and intelligence matters,” the RFQ document reads.
The malware sold to the FBI can include executable files for all types of operating systems, archive files, image files, audio and video files, PDFs, PHP files, Microsoft Office documents, JavaScript files, HTML files and RTF files.
They must be organized by their SHA1 hashes, be updated every 24 hours, and the FBI must be able to retrieve the information in an automated way.
“While the above sets forth the minimum requirements for the technical response, the stated requirements are not intended to limit the offeror’s initiative and ingenuity. The technical response may be expanded to include issues considered by the offeror to be appropriate,” reads the RFQ.
It’s worth noting that the FBI might ask for a sample product “for test evaluation purposes.”