Forwarded From: William Knowles <erehwon@kizmiaz.dis.org>
[I'm not sure if the 14 year old listed below is one of the
'usual suspects' at the Chicago 2600 meetings, But I am
wondering if some of my social engineering lessons to the
younger crowd is now showing the fruits of labor.
I'm not saying that what s/he did is right, But only shows
that one doesn't not need to know the latest script or
Rootshell advisory to break into a system, But just knowing
how to bullshit some $6.75 an hour drone into giving you
the password is something no firewall could never hope
to stop. The human element is something that rarely can
be controlled in a computer security enviroment, Everyone
is all too willing to help.
I'm sure that as I write this, Some heads are rolling at
MCS.net (Fox Chicago's provider) and there will be some new
faces at the next Chicago 2600 meeting with Gunny sacks
asking how to break r00t. :) - William]
[News.com] (7.8.98) Update -- Here's one incentive to send your
computer-savvy kid to summercamp. Probably with nothing better
to do on a summer evening, a 14-year-old hacker who calls himself
"Digphreak" socially engineered his way into the account of a
local Fox Television affiliate's Web site in Chicago last night
and posted a message in support of infamous mass-hacker
Kevin Mitnick.
Digphreak, who contacted CNET NEWS.COM today, said he had called
the Fox affiliate's ISP and asked to reset the password--a process
known as "social engineering." Digphreak claimed that the service
representative only asked for the billing address before resetting
the password.
"I just said I forgot my password," Digphreak said today.
"They didn't ask for a name or anything. I just looked up
the administrative contact and said I was the tech person."
"Fox 32 Chicago Has Been Hacked," the blackened Web site read.
"This Web site has been hacked, by digphreak and errortype11.
My motives are other than destructive. I actually am here to
bring an issue to your attention. Kevin Mitnick, a notorious
hacker, has been held in jail, for over three years,
without trial."
The adolescent hacker claimed he had no real motive in
targeting the station in particular, and added that he
simply wanted to get his message across about Mitnick.
"These are the same kids where if computers didn't exist,
they'd be out on the streets tagging buildings with spray
paint cans," said John Vranesevich, who runs hacker news
site Antionline.
"I just knew the Web site better than others and the phone
number was in my area code," Digphreak said regarding his
choice of targets. "I don't think it's going to prove much,
I just wanted to say something. I think it's so criminal
that Mitnick hasn't had a trial for three years."
Mitnick, who is considered one of the world's most notorious
computer systems hackers, has been held without bail since
1995. Mitnick is facing multiple charges stemming from a
series of computer break-ins that occurred between June 1992
and February 1995.. He is accused of attacking systems belonging
to software makers, ISPs, and educational institutions.
Account takeovers have been a common means for computer
"crackers" to deface a company or organization's Web site.
These takeovers often occur when the cracker is persistent
enough to find a customer service representative who does
not follow standard identification procedure. Such was the
case last month when the American Civil Liberties Union's
AOL site was compromised.
Fox affiliate WFLD's Web site, which was down for about
15 hours, has since been restored. The station was unaware
of the hack until it was contacted by CNET NEWS.COM.
"We haven't been hacked before," said Gavin Maliska, WFLD's
managing editor. "I think all it makes us do is to talk to
our service provider to talk about security and how to
improve it."
But using the station's Web site to get the protest message
across may have been even less effective than Digphreak had
hoped.
"Our site is unlike other news sites that provide news bulletins,"
Maliska noted. "Our site is promotional, so it doesn't require
daily input."
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Fri Jul 10 09:13:30 1998