In 2001 we first heard reports of an FBI keylogger that could attack remotely. The tool dubbed the Magic Lantern was an improved version of the physical keylogger that helped the FBI take down Nicodemo S. Scarfo in 1999. The FBI, while admitting that the keyboard logger software existed, refused to acknowledge its deployment. It wasn’t till 2007 that we found out that the Magic Lantern keystroke logging software was in fact in use. Not only that but it had become part of a larger tool called the Computer and Internet Protocol Address Verifier (CIPAV). Come 2013 the CIPAV is still illegal, and by extension the same can be said of the Magic Lantern.
When news first broke out about the Magic Lantern, major antivirus firms were put on the spot: would they or wouldn’t they track the malware like tool? The answer was a heavy no which resonated throughout the security and privacy advocate community. Both McAfee and Norton agreed to leave backdoors for the Trojan. However, F-Secure, a Finland based company, took a staunch stand against the Magic Lantern and refused to cater to any loopholes or backdoor requirements that the FBI might have. That being said, thus far there’s been no news of F-Secure creating measures to detect the Magic Lantern. So while they didn’t leave a backdoor, they never sprung a trap either. With the NSA scandal hitting the news every other day, we can only wonder what other tools government agencies have up their sleeves.