Say “Creep!”

13 01 2012

One of my students sent me a link to a story about a webcam hacker published in GQ magazine. Luis Mijangos, a self-taught coder/hacker, used a variety of malicious hacks to break into people’s computers and look through their harddrives. On the surface that sounds like basic “run-of-the-mill” hacking… but the really creepy part was when he would hack the computer’s webcam to turn it on and off at will. SinceĀ a lot of people keep their laptops/desktop machines in their bedrooms, you can imagine the kind of webcam recordings he was able to download (and eventually use to blackmail his victims). The author of the article, David Kushner, does a great job at trying to understand the psychology of the hacker.

Here’s the link to GQ. It’s worth a read – especially if you need a little Friday the 13th paranoia.

Thanks to Dylan T. for the link.





Where is your identity?

17 02 2009

Here’s another example of how statistics can lie (and if it’s not an outright lie, then at least it’s a huge misrepresentation of the facts). This much is clear: the issue of identity theft is an increasing concern for both citizens and other officials (police, politicians, corporate watchdogs, etc). What isn’t so clear is where (or how) identities are actually stolen.

You don’t have to look far to find literature suggesting that the majority of identity thefts happen as a result of stolen or lost wallets. Many people claim that the risk of losing your identity due to a data breach is fairly small. At first glance this makes sense, but Kevin Poulsen writing on Wired’s Threat Level blog suggests that when you look at the data these statements don’t make sense.

In particular, Poulsen examines a report by Javelin Research. Recent victims of identity theft were asked how their identities were stolen. According to the chart, most people were victims of wallet theft; however, if you read the fine print you’ll actually find that the majority of the people surveyed actually had no idea how their information was stolen. Hmm… something isn’t right here. In other words, information could quite easily have come from a hacked database.

Read the full story (and see the pretty charts) here.





A monster of a problem

28 01 2009

Recently, the databases at Monster.com (the site for job-seekers) was compromised and hackers illegally gained access to personal data. While company officials say that the hackers did not access social security numbers, resumes, or financial data, the fact remains that personal information was stolen.

It’s not entirely clear why hackers would target Monster, but some suggest that the hackers could use the information they found to phish for more detailed personal information (and potentially gain access to financial information). Monster refuses to state which countries were most affected by the breach, so it is difficult to determine who is at risk.

Read more here.





Hackers have to make money too

17 09 2007

Today the BBC has a story stating that high-tech computer crime is “big business.” The story describes how criminals are commercializing their activity by creating easy to use toolkits that allow the criminally-minded to attack businesses. These cyberbullies are even teaming up with each other to improve their chances of success. It sounds like a regular back alley brawl out there.

To be sure, internet crimes (phishing, fraud, and general hacking) do pose problems for businesses and individuals. But the only source quoted in this article is the European Director of Security for Symantec (makers of the Norton line of anti-virus kits). Don’t get me wrong, I’m not saying that the information in the article is incorrect, just that one might want to find some supporting facts from another source. It is definitely in Symantec’s best interest to publicize criminal activity on the internet – but you be the judge!