The Art of Intrusion-Kevin Mitnick

The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers – Kevin Mitnick

Any list of books that hackers and anyone interested in computer security must read has to include The Art of Intrusion by Kevin Mitnick. The Art of Intrusion is a book about real-life exploits of many hackers, told in their own words to the author. Kevin Mitnick, the once notorious hacker who was considered the most famous computer criminal of his time in America and is now a reformed security professional, has come up with yet another book after the hugely popular The Art of Deception, which brought the idea of social engineering into the mainstream. Social engineering refers to deceiving victims into revealing their personal details, and Mitnick himself is a staunch advocate of social engineering as compared to hacking.

Both books deal with the mechanisms of hacking and social engineering and their consequences. While the first book was rife with fictional incidents and stories and dealt with these topics in a fictional manner, The Art of Intrusion is a collection of real incidents of hacking and social engineering, narrated by real hackers to the author himself. The hackers featured in the book are real people who gave their version of the incidents to Mitnick because he is a well-known name in the world of hacking. Moreover, he personally interviewed most of these hackers and published their stories pseudonymously. The book does not celebrate the hackers as heroes; it also highlights the fact that the victims could have prevented what happened to them, and it mentions tips and countermeasures victims could have used to avert the incidents that took place.

The book is replete with shocking, humorous, and clever incidents that demonstrate how far these hackers can go in plotting ingenious schemes and how they overrode nearly insurmountable security measures with great confidence. Moreover, Mitnick and co-author Simon personally investigated the stories told by the hackers to corroborate them. The book includes many diverse incidents, e.g. a story about four friends who won millions at a casino in Vegas by reverse engineering its slot machines. Other stories include an account of two teenagers who hacked into Lockheed Martin computer systems after being persuaded by terrorists. Of all these, the most interesting is the one about a “Robin Hood” hacker who exposed security flaws and shortcomings by hacking the systems of many top companies and then explaining how he got past their security. Mitnick also mentions several incidents where the hackers were dealt with harshly by the authorities.

These incidents definitely evoke awe for the wits and audacity of these hackers, most of whom are young. Mitnick does not fail to make the point that all these exploits were avoidable had the victims been aware and alert, and he mentions the consequences of such incidents. All in all, this book is entertaining and enlightening at the same time and is recommended for hackers and non-hackers alike, and for those who simply want a fascinating read about the world of hacking.

ABC website hacked

ABC website hacked and personal details exposed

The website of Australia’s top broadcasting agency, the Australian Broadcasting Corporation (www.abc.net.au), was hacked last night. The hacker apparently attacked the channel’s website in retaliation for the broadcast of an interview with Dutch anti-Islam leader Geert Wilders on February 22nd. The hacker also leaked the personal details of more than 50,000 users of the ABC website, releasing them online during the night.

The leaked data includes usernames, passwords, email addresses and residential addresses, along with other sensitive information, and more than 1000 of these users happen to be government employees.

The hacker announced the hack on his Twitter handle @Phr0zenM in a tweet, “ABC hacked for giving a platform for Geert Wilders to spread hatred #OpWilders – database leaked!” at around 1pm. This person is evidently protesting the airing of the interview with the Dutch leader and performed the hack as part of Operation Wilders. The hacker infiltrated the website of the programme Making Australia Happy, and the data was stolen from there.

ABC took prompt action as soon as it was informed of the hack. The spokesperson for the channel addressed the press via email and mentioned that the channel had been “made aware that an ABC television programme website was hacked. The website relates to the ABC television programme Making Australia Happy, which aired in late 2010”.

 “At this stage, we are still investigating the details of the breach. However, we do know that it has exposed the name, username and a… version of the password that audience members used to register on the programme website,” she said.

 “As soon as the ABC was made aware of this activity the site was shut down.” 

Moreover, she also mentioned that “The ABC will be in contact with audience members who have been directly affected,” and stated that the attack had originated in some overseas location and that an activist had claimed direct responsibility for the breach.

The leak of the personal details of so many people has caused an outcry among the Australian public, and many are feeling anxious. Tim Gresham of New South Wales said that he was appalled that his personal details had been leaked online:

“This hacker has probably got a lot of information about me, intimate information about me, having an idea of what that website asked me in terms of my relationships and personal life.”

“They’re asking a lot of people some very intimate stuff on that website, so these hackers have got some fairly intimate information on a number of people if they’ve managed to hack that website. This is big.”

However, the Federal Privacy Commissioner Timothy Pilgrim is pleased with the swift response of the channel in this matter and said that he will not investigate the matter personally as he found the handling done by the channel adequate.

The hacker, however, is not the only one to protest against Wilders’ visit to Australia: people had taken to the streets in Sydney, where he made his speech, and a minor scuffle had erupted between protesters and the authorities.

Hackers turn China security report into Trojans

Hackers create malicious versions of a report released by Mandiant which linked cyberattacks to the Chinese army, but the IT security vendor says its system is not breached.

Hackers have tampered with the security report by leading U.S. security vendor Mandiant, which implicated the Chinese army in cyber attacks on many leading U.S. companies and other Western organizations. The report, released last week, made headlines around the world and made many shocking revelations about the role of the Chinese state in using cyber technology to further its espionage and other activities. So the hackers decided to turn the tables: they attached malware of their own to copies of the report file, so that a report which accused the Chinese of attacking others became a weapon itself.

The digital report, which is about 60 pages long, was tagged with a Trojan, malicious software that allows the hackers to control infected computers once the file is downloaded and opened by users. These tainted files arrive attached to an email sent by the hackers as part of their spearphishing campaign. According to a blog post by Symantec, the hackers have used the corrupted files as “bait” by embedding a virus called Trojan.Pidief into fake reports disguised as PDF files. When opened, the file displays a blank PDF document and unleashes the malware without the user’s knowledge. The malware has been designed to exploit the vulnerability in Adobe Acrobat known as the Reader Remote Code Execution vulnerability. The email containing the fake report comes from a media organization, is written in Japanese, and carries the PDF attachment containing the malware.

Moreover, there have been reports of a second spearphishing campaign, according to Kaspersky Lab’s ThreatPost: “The first phishing attacks are using a file named “Mandiant_APT2_Report.pdf”, a slight variation of the real report name, which uses the APT1 moniker that the computer security firm applies to the specific crew of Chinese attackers discussed in the document. The other spear-phishing attack is using a document named “Mandiant.pdf” as its bait, and the malware used in that attack calls back to a C&C server based in Korea, also at a dynamic DNS provider.”

The first phishing mails were sent from somewhere in Korea to target Japanese organizations, but the second campaign is more obscure in its whereabouts and targets.

The report by Mandiant, which presented strong evidence, including a video, for the role of the Chinese army in sponsoring cyber attacks, has left little to the imagination. The report named a unit of the Chinese government known as Unit 61938 as responsible for the hacking attacks, which the report referred to as Advanced Persistent Threats (APT) and which have been under way for many years. Mandiant developed this report over quite some time and has documented more than 150 attacks perpetrated by the APT groups.

The Chinese Ministry of Defence has refuted all such allegations of industrial espionage. However, the U.S. Government has recently decided to step up its cyber security. This seems to be the only solution at present, but the government must also aim to increase education and awareness about such attacks to curb the problem effectively.

Perth gamer caught in cyber crime raid

A PERTH man’s house has been raided by police after he allegedly tried to sell a prototype of Microsoft’s new Xbox gaming console on the internet.

Police raided the house of a Perth resident on the grounds that he was trying to auction off a development kit for the upcoming next-generation console in the Microsoft Xbox series on the online auction site eBay. The new Xbox console, codenamed Durango, is due to be launched by Christmas this year. The person is a teenager known as SuperDaE, whose real name is Dan ‘Dylan’ Henry. His house was raided on February 19th after the police furnished a search warrant and apprehended him as he attempted the sale of the prototype of the yet-to-be-launched Durango console. Moreover, the Federal Bureau of Investigation was also involved in the raid and the confiscation of items and is charging him with international corporate espionage.

The raid was carried out a few months after the teenager discussed the upcoming console on his Twitter account, which happens to be quite popular, and auctioned the development kit on eBay. A spokesperson for the West Australian police said that the ‘Technology Crime Investigation unit is currently conducting a multi-jurisdictional investigation into computer-related offences,’ and that ‘A search warrant was conducted Tuesday the 19th of February 2013 in relation to this investigation where items were seized.’ However, the spokesperson did not comment on the involvement of the FBI in the raid. The items the police confiscated during the raid include computers, a Blackberry, VISA cards, and banking records.

SuperDaE tweeted about the raid on his house, writing ‘police raided me’ and mentioning ‘an FBI agent and 7-8 police in your house’, and also that ‘I don’t even have bank cards to buy or pay for a lawyer or a phone,’. He even published the police search warrant online and said that the mention of Microsoft, PayPal and eBay was funny. Microsoft, meanwhile, has denied allegations that it was behind the raid in any manner and says it has nothing to do with it: “Microsoft did not initiate this FBI investigation with this individual, as has been asserted in some of the articles in the media,” and “We take security very seriously and have no evidence of any compromise of our corporate network. We have no further comment on this matter.” However, the truth of this statement is disputed, as is the involvement of the FBI.

All the controversy and hype surrounding the case has made people curious about who this man actually is. SuperDaE is an active and persistent video game hacker who has a record of infiltrating giant video game companies such as Epic, Blizzard and Sony, and he claimed to have obtained versions of games which were yet to be released. Moreover, he also claimed that he did not commit any hack for personal gain or commercial profit, but acted as a curious hacker who wanted to expose security weaknesses, even thinking of himself as a cyber security consultant. Whether he is just a curious teenager caught in the act or a cyber criminal will be clear only after further investigation.

Microsoft follows Apple, Facebook into hacker hit list

Microsoft joined Facebook and Apple on Friday on the list of US technology titans targeted in recent cyberattacks.

Microsoft is the latest entrant in the growing list of companies that have become victims of the widespread hacking campaign that has affected many top US technology organizations such as Apple and Facebook. The giant finally admitted that it had been subjected to an intrusion similar to those seen in the hacks that affected Facebook and Apple.

Matt Thomlinson, acting as spokesperson, mentioned in a blog post today that a small number of machines in the company’s Mac business unit had suffered security intrusions, and that the attacks had been carried out similarly to the Facebook and Apple hacks. The hacking attacks have taken a toll on more than 40 companies in the U.S., and many people are accusing the Chinese state of sponsoring these attacks as part of its cyber espionage activities.

The first reports about these attacks started appearing early in February, when Twitter announced that it had suffered an attack in which the information of more than 250,000 users had been compromised. Last week, Facebook announced that it had been hit by a sophisticated hacking attack. Finally, Apple stated that it had suffered possibly its largest intrusion by a group of hackers but did not let the attackers get away with any data whatsoever. Apple is working together with the authorities to nab the persons responsible. All the attacks were performed in the same fashion, by employing malware of the kind commonly used to commit cyber crimes. The malware infected the devices used by workers at these companies, who picked it up after they visited a web forum for software developers. The malicious software exploited a vulnerability in the Java plug-in that these machines use, a type of attack known as a watering hole intrusion.

Matt Thomlinson did not elaborate further on the nature of the intrusion but did clarify that no data was stolen from Microsoft: “During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations.” He said that Microsoft was carrying out investigations and that it did not announce the attack earlier because it was following security protocol and investigating further to confirm the incident.

This slew of attacks has surely become a cause of concern for all organizations in the technology sphere, but Thomlinson said that such attacks came as no surprise: “This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries,” he said. It seems that everyone, be it an individual user or an organization, will have to be cautious and wary of suspicious software to stay clear of such attacks.

Hackers attack Microsoft computers

Microsoft has become the latest US technology company to confirm that it has been targeted by computer hackers.

Microsoft has become the most recent target of hackers in a week which saw a spate of attacks on big names such as Apple, Facebook, and Twitter. The company declared in a blog post that a small number of its computers had been hit by hackers in a manner similar to the one used to attack the computers at Apple and Facebook earlier this week. The series of attacks started early in February, when Twitter announced that more than 250,000 user accounts had been hacked into. Facebook was then attacked last week, followed by Apple, which declared that it had been attacked by the same hackers who targeted Facebook. Microsoft said that it did not make a statement earlier because it was investigating the attack. Matt Thomlinson of the Trustworthy Security team at Microsoft commented, “As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion.”

The attacks were performed in a manner similar to the Facebook and Apple intrusions, which were committed using a malware infection: the hackers used a software developer forum to distribute malware designed to exploit a security vulnerability in the Java plug-in of the victims’ browsers. Similar malware was employed to hack the machines at Microsoft.

Thomlinson also elaborated that “During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organisations.” He also stated that there was no evidence of any consumer data being affected and that the investigation was ongoing. Apple, which confirmed the attack on Tuesday, had stated that it had countered the hackers during the process of hacking and had prevented loss of data from its employees’ devices.

As with the other attacks that took place this week, speculation is rife that these attacks were committed by Chinese hackers working for the State. Moreover, Facebook officials had stated that they had traced the attacks back to China, adding further to the present speculation. The modus operandi of the attacks, which includes attacking the devices of employees of prominent companies, is another intriguing sign of the nature of the attacks. Given the reputation of the Chinese state when it comes to cyber espionage, it would not be much of a surprise either. However, some people consider Eastern European cyber crime organizations to be behind these attacks.

Whoever may be behind the attacks, the fact is that such attacks are becoming commonplace these days, and Matt Thomlinson aptly commented that “This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries.”