- Email: [email protected]
Credit cards stolen through known weakness
news
Teenage hacker denies Web attacks ABCNews has learnt that a teenage hacker who calls himself Coolio had vandalized three Web sites but was not involved in recent highprofile Web attacks. Though he has admitted to damaging Dare.org, CWC.gov and RSA.com the teenager denies any involvement with the denial-of-service attacks that took down leading Web sites such as Amazon.com and Yahoo! Coolio, who has been using computers since he was four years old, said, “I am categorically denying that I had anything to do with the Yahoo! attack…I had nothing to do with any of the Web sites that there taken down.” Several computers were confiscated at the teenager’s home following a search by the FBI. The FBI believes someone calling himself ‘Coolio’ could be involved in the denial-of-service attacks because they possess logs of online chat discussions in which Coolio’s name is mentioned in connection to the DOS attacks. The investigation is hampered due to the
number of people online calling themselves Coolio. Other investigations have been carried out by the FBI trying to determine which of the many Coolios could be involved in the attacks. The Los Angeles, USA police began their investigation at the end of last year after an attack on Dare.org, an anti-drug abuse site the LAPD founded. The origin of this attack, and another on a Commerce Department’s site, was traced back to the 17year-old Coolio. On 13 February 2000, a few days after the attacks on the wellknown Web sites, RSA Security Inc. was hacked into. A hacker, calling himself Coolio, redirected visitors from RSA’s Web site to another hacked computer at a university in South America where a very similar Web site proclaimed, “RSA Security Inc. hacked. Trust us with your data. Praise Allah. Owned by Coolio.”
Credit cards stolen through known weakness Thousands of credit cards numbers have been stolen
ISSN: 1353-4858/00/$20.00 © 2000 Elsevier Science Ltd. All rights reserved. This journal and the individual contributions contained in it are protected under copyright by Elsevier Science Ltd, and the following terms and conditions apply to their use: Photocopying Single photocopies of single articles may be made for personal use as allowed by national copyright laws. Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use. Permissions may be sought directly from Elsevier Science Rights & Permissions Department, PO Box 800, Oxford OX5 1DX, UK; phone: (+44) 1865 843830, fax: (+44) 1865 853333, E-mail: [email protected]. You may also contact Rights & Permissions directly through Elsevier’s home page (http://www.elsevier.nl), selecting first ‘Customer Support’, then ‘General Information’, then ‘Permissions Query Form’. In the USA, users may clear permissions and make payments through the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, USA; phone: (978) 7508400, fax: (978) 7504744, and in the UK through the Copyright Licensing Agency Rapid Clearance Service (CLARCS), 90 Tottenham Court Road, London W1P 0LP, UK; phone: (+44) 171 436 5931; fax: (+44) 171 436 3986. Other countries may have a local reprographic rights agency for payments. Derivative Works Subscribers may reproduce tables of contents or prepare lists of articles including abstracts for internal circu-
2
and posted on the Internet by a hacker who used a security vulnerability which has been in common knowledge for two years. According to information reported in Computerworld, the cracker used a hole in Microsoft’s Internet Information Server (IIS) to steal the numbers from E-commerce sites. Although a patch for this particular vulnerability has been available for 18 months Web masters at some smaller companies claim they have had insufficient resources to keep up to date with crucial patches. A large number of the credit card numbers were stolen from a wireless phone seller
“one of the biggest traps you can fall into is not to fund your IT security” Promobility Inc. Eric Geiler from the company said, “In a lot of companies, you have one sys/admin guy who goes around and fixes computers, and you can’t keep up to date with all the patches.” According the Geiler, the credit card numbers, including his own, were stolen together with customer names, addresses and phone numbers.
The cracker, who is known as Curador, has exploited the IIS hole to steal credit card numbers from several E-commerce sites. Other victims are reported to include SalesGate.com, LTA Media and Feelgoodfalls.com. Curador is wanted by investigators in Canada, the States, the UK and Thailand. Geiler was surprised that Curador was interested in his small site. He said, “ The biggest flaw you can have it to go into business under-capitalized. And one of the biggest traps you can fall into is not to fund your IT security.”
Unsafe sites reported The Safe Internet Foundation has launched a new Web Hotline service to encourage Web surfers to anonymously report their ‘unsafe’ Internet experiences via an online form at the Foundation’s Web site (www.sif.nl). Any reports received are categorized by the Safe Internet Foundation and, if necessary, forwarded to the appropriate authority, allowing Internet users to actively participate in the attempts to make the Internet safer for everyone. Any sub-
lation within their institutions. Permission of the publisher is required for resale or distribution outside the institution. Permission of the publisher is required for all other derivative works, including compilations and translations. Electronic Storage or Usage Permission of the publisher is required to store or use electronically any material contained in this journal, including any article or part of an article. Contact the publisher at the address indicated. Except as outlined above, no part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission of the publisher. Address permissions requests to: Elsevier Science Rights & Permissions Department, at the mail, fax and e-mail addresses noted above. Notice No responsibility is assumed by the Publisher for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions or ideas contained in the material herein. Because of rapid advances in the medical sciences, in particular, independent verification of diagnoses and drug dosages should be made. Although all advertising material is expected to conform to ethical (medical) standards, inclusion in this publication does not constitute a guarantee or endorsement of the quality or value of such product or of the claims made of it by its manufacturer. 02158 Printed by Mayfield Press (Oxford) Ltd
Teenage hacker denies Web attacks ABCNews has learnt that a teenage hacker who calls himself Coolio had vandalized three Web sites but was not involved in recent highprofile Web attacks. Though he has admitted to damaging Dare.org, CWC.gov and RSA.com the teenager denies any involvement with the denial-of-service attacks that took down leading Web sites such as Amazon.com and Yahoo! Coolio, who has been using computers since he was four years old, said, “I am categorically denying that I had anything to do with the Yahoo! attack…I had nothing to do with any of the Web sites that there taken down.” Several computers were confiscated at the teenager’s home following a search by the FBI. The FBI believes someone calling himself ‘Coolio’ could be involved in the denial-of-service attacks because they possess logs of online chat discussions in which Coolio’s name is mentioned in connection to the DOS attacks. The investigation is hampered due to the
number of people online calling themselves Coolio. Other investigations have been carried out by the FBI trying to determine which of the many Coolios could be involved in the attacks. The Los Angeles, USA police began their investigation at the end of last year after an attack on Dare.org, an anti-drug abuse site the LAPD founded. The origin of this attack, and another on a Commerce Department’s site, was traced back to the 17year-old Coolio. On 13 February 2000, a few days after the attacks on the wellknown Web sites, RSA Security Inc. was hacked into. A hacker, calling himself Coolio, redirected visitors from RSA’s Web site to another hacked computer at a university in South America where a very similar Web site proclaimed, “RSA Security Inc. hacked. Trust us with your data. Praise Allah. Owned by Coolio.”
Credit cards stolen through known weakness Thousands of credit cards numbers have been stolen
ISSN: 1353-4858/00/$20.00 © 2000 Elsevier Science Ltd. All rights reserved. This journal and the individual contributions contained in it are protected under copyright by Elsevier Science Ltd, and the following terms and conditions apply to their use: Photocopying Single photocopies of single articles may be made for personal use as allowed by national copyright laws. Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use. Permissions may be sought directly from Elsevier Science Rights & Permissions Department, PO Box 800, Oxford OX5 1DX, UK; phone: (+44) 1865 843830, fax: (+44) 1865 853333, E-mail: [email protected]. You may also contact Rights & Permissions directly through Elsevier’s home page (http://www.elsevier.nl), selecting first ‘Customer Support’, then ‘General Information’, then ‘Permissions Query Form’. In the USA, users may clear permissions and make payments through the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, USA; phone: (978) 7508400, fax: (978) 7504744, and in the UK through the Copyright Licensing Agency Rapid Clearance Service (CLARCS), 90 Tottenham Court Road, London W1P 0LP, UK; phone: (+44) 171 436 5931; fax: (+44) 171 436 3986. Other countries may have a local reprographic rights agency for payments. Derivative Works Subscribers may reproduce tables of contents or prepare lists of articles including abstracts for internal circu-
2
and posted on the Internet by a hacker who used a security vulnerability which has been in common knowledge for two years. According to information reported in Computerworld, the cracker used a hole in Microsoft’s Internet Information Server (IIS) to steal the numbers from E-commerce sites. Although a patch for this particular vulnerability has been available for 18 months Web masters at some smaller companies claim they have had insufficient resources to keep up to date with crucial patches. A large number of the credit card numbers were stolen from a wireless phone seller
“one of the biggest traps you can fall into is not to fund your IT security” Promobility Inc. Eric Geiler from the company said, “In a lot of companies, you have one sys/admin guy who goes around and fixes computers, and you can’t keep up to date with all the patches.” According the Geiler, the credit card numbers, including his own, were stolen together with customer names, addresses and phone numbers.
The cracker, who is known as Curador, has exploited the IIS hole to steal credit card numbers from several E-commerce sites. Other victims are reported to include SalesGate.com, LTA Media and Feelgoodfalls.com. Curador is wanted by investigators in Canada, the States, the UK and Thailand. Geiler was surprised that Curador was interested in his small site. He said, “ The biggest flaw you can have it to go into business under-capitalized. And one of the biggest traps you can fall into is not to fund your IT security.”
Unsafe sites reported The Safe Internet Foundation has launched a new Web Hotline service to encourage Web surfers to anonymously report their ‘unsafe’ Internet experiences via an online form at the Foundation’s Web site (www.sif.nl). Any reports received are categorized by the Safe Internet Foundation and, if necessary, forwarded to the appropriate authority, allowing Internet users to actively participate in the attempts to make the Internet safer for everyone. Any sub-
lation within their institutions. Permission of the publisher is required for resale or distribution outside the institution. Permission of the publisher is required for all other derivative works, including compilations and translations. Electronic Storage or Usage Permission of the publisher is required to store or use electronically any material contained in this journal, including any article or part of an article. Contact the publisher at the address indicated. Except as outlined above, no part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission of the publisher. Address permissions requests to: Elsevier Science Rights & Permissions Department, at the mail, fax and e-mail addresses noted above. Notice No responsibility is assumed by the Publisher for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions or ideas contained in the material herein. Because of rapid advances in the medical sciences, in particular, independent verification of diagnoses and drug dosages should be made. Although all advertising material is expected to conform to ethical (medical) standards, inclusion in this publication does not constitute a guarantee or endorsement of the quality or value of such product or of the claims made of it by its manufacturer. 02158 Printed by Mayfield Press (Oxford) Ltd