
Hacking 101


SteveAustin


For Guccifer, Hacking Was Easy. Prison Is Hard.

By ANDREW HIGGINS NOV. 10, 2014



Marcel-Lehel Lazar, a.k.a Guccifer, tormented various celebrities with no special skills beyond what he had picked up on the web. Credit Cristian Movila for The New York Times

ARAD, Romania — He reveled in tormenting members of the Bush family, Colin L. Powell and a host of other prominent Americans, and also in outfoxing the F.B.I. and the Secret Service, foiling their efforts to discover even his nationality, never mind his identity. Early this year, however, the elusive online outlaw known as Guccifer lost his cocky composure and began to panic.

He smashed his hard drive and cellphone with an ax.

That spasm of precautionary destruction, at his home in Romania’s rural Transylvania region, did not help him much — especially as he left pieces of what would later become evidence scattered in the mud.

Two weeks later, on Jan. 22, a global hunt for the celebrated and mysterious hacker who first revealed self-portraits painted by George W. Bush and plundered a trove of personal emails from politicians, military officers and celebrities finally ended in an early morning raid of his home.

“I was expecting them, but the shock was still very big for me,” the hacker, now serving a seven-year sentence, said. He spoke in an interview, his first, at the Arad Penitentiary here. “It is hard to be a hacker, but even harder to erase your tracks.”

In many ways, however, his two-year rampage through the email accounts of rich and powerful Americans showed how easy it can be to go rogue on the Internet and, even when armed with only rudimentary skills, to stay one step ahead of the law, at least for a while.

The hacker who signed off as Guccifer (pronounced GUCCI-fer) — a nom de guerre coined, he said, to combine “the style of Gucci and the light of Lucifer” — turned out to be Marcel-Lehel Lazar, a jobless 43-year-old former taxi driver. He had no expertise in computers, no fancy equipment, only a clunky NEC desktop and a Samsung cellphone, and no special skills beyond what he had picked up on the web.

Viorel Badea, the Romanian prosecutor who directed the case, expressed dismay that Mr. Lazar had gotten so far with so little. “He was not really a hacker but just a smart guy who was very patient and persistent,” Mr. Badea said.

Instead of burrowing into his victims’ email accounts using computer worms and other hacking tools, the prosecutor said, Mr. Lazar trawled the web for information about his targets and then simply guessed the right answers to security questions. “He is just a poor Romanian guy who wanted to be famous,” said the prosecutor, who leads a cybercrime team in Romania’s organized crime unit.

It took six months of trial and error for Mr. Lazar to guess the right answers and gain access to the emails of Corina Cretu, a 47-year-old Romanian politician who sent pictures of herself in a bikini and a flirtatious message to Mr. Powell, the former secretary of state. Mr. Powell, who has denied having an affair with Ms. Cretu, had urged her to delete all their messages after he discovered that his own email account had been hacked.

Mr. Lazar, who is half-Hungarian, acknowledged that he relied mostly on educated guesswork. He said he had no training in computers, though he did work, briefly, in a computer factory. “I got fired after two weeks,” he said.

To cover his tracks, he launched most of his raids through a proxy server in Russia. He figured that would hide any fingerprints leading back to Romania, where he already had a police record. That followed a 2011 conviction for hacking into the email accounts of Romanian starlets and other celebrities under the name Micul Fum, or Little Smoke.

Mr. Lazar was so confident of his ability to elude detection that, late last year, he started boasting of his exploits to The Smoking Gun, an American website that on Jan. 6 posted a defiant email message in broken English from the still unidentified Guccifer: “NO I am not concerned, i think i switch the proxies go to play some backgammon on yahoo watch tv, play with my family and daughter.”

A day later, however, Mr. Lazar got a shock when George Maior, the head of Romania’s domestic intelligence agency, announced that the authorities would soon catch America’s most wanted hacker, a vow that suggested they knew he was in Romania. Mr. Lazar, in his prison interview, said he was also badly shaken by Mr. Maior’s description of him as “Little Guccifer,” which to him indicated that investigators had linked Guccifer with Little Smoke, the pseudonym he used before his 2011 arrest.

Thrown into a panic, he decided it was time to destroy evidence of his hacking and took an ax to his computer and cellphone in his yard in the village of Sambateni, about 11 miles east of Arad, the Transylvanian city where he is now in prison. “I knew they were coming for me,” he recalled. “My sixth sense told me I was surrounded. I was losing control of the situation.”

In reality, the authorities still had little idea who Guccifer was. Mr. Maior, in an interview in Bucharest, the Romanian capital, said he was not aware that Guccifer was the same person as Little Smoke, and had merely called him “little” to “minimize his aura of un-catchability.” The authorities, Mr. Maior said, did not even know at the time that Guccifer was Romanian.

But they had suspected he might be since September, when Guccifer hijacked a personal email account used by Mr. Maior, the security chief, and then used it to send Romanian-language messages to Mr. Maior’s official email account at the Romanian Intelligence Service.

Mr. Maior promptly ordered an investigation. “It was clear he had broken into my email,” Mr. Maior said. “He wanted to prove something. I took it seriously.”

Aided by American investigators, who had been hunting in vain for Guccifer for months, the Romanians quickly homed in on Mr. Lazar, who had left a clumsy trail of clues.

“He made many mistakes,” Mr. Badea, the prosecutor, said.

Mr. Lazar said he could have covered his tracks better if he had had more money — for a more powerful computer, for instance.

“Of course, I could have stolen money from them,” he said, distancing himself from the legions of his countrymen who have made Romania, the second-poorest country in the 28-member European Union, a global leader in Internet fraud. “I didn’t. Not a single dollar.”

An American indictment filed against Mr. Lazar in Virginia in June accused him of trying to extort “money and property by means of materially false and fraudulent representations, pretenses and promises” to his American victims, but Romanian investigators say they found no evidence of extortion.

Romanian officials say the United States has not asked Romania to extradite Mr. Lazar but has sent investigators to question him to learn how he managed to prey on so many powerful Americans. The United States Justice Department declined to comment.

Before agreeing to answer questions from The New York Times in prison, where he shares a cell with four others, including two convicted murderers, he read out a lengthy handwritten statement that he said explained the purpose of his hacking.

A potpourri of conspiracy theories about the terrorist attacks of Sept. 11, 2001, the 1997 death of Princess Diana and alleged plans for a nuclear attack in Chicago in 2015, it said: “This world is run by a group of conspirators called the Council of Illuminati, very rich people, noble families, bankers and industrialists from the 19th and 20th century.”

Mr. Badea, the Romanian prosecutor, scoffed at Mr. Lazar’s fixation on so-called Illuminati as a ruse intended to give a political gloss to a peeping-tom hacking addiction. The hacking exploits that led to his 2011 conviction involved “no Illuminati, just famous and beautiful girls,” the prosecutor said.

Mr. Lazar denied any interest in celebrities, asserting that he had only stumbled on most of the people he hacked as Guccifer, a long list that included the actress Mariel Hemingway, the “Sex and the City” author Candace Bushnell, the editor Tina Brown, the comedian Steve Martin, the author Kitty Kelley and many others.

With no access to a computer in jail, he now pours out his phobias and conspiracy theories in notebooks filled with his small, neat handwriting. “O.K., I broke the law, but seven years in a maximum-security prison? I am not a murderer or a thief,” he said. “What I did was right, of course.”


 

PressForNirvana


Chinese hackers behind US weather service cyberattacks, report claims


Agency under fire for waiting weeks to admit the breach of its computer system, which it reportedly has blamed on China

PUBLISHED : Thursday, 13 November, 2014, 10:26am
UPDATED : Friday, 14 November, 2014, 4:33am

The Washington Post



A radar dish used by the National Weather Service. Photo: AP

Hackers from China breached the US federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation and other crucial uses, officials said.

The intrusion occurred in late September but officials gave no indication that they had a problem until October 20, according to three people familiar with the hack and the subsequent reaction by the National Oceanic and Atmospheric Administration (NOAA), which includes the National Weather Service. Even then, the NOAA did not say its systems were compromised.

Officials also said that the agency did not notify the proper authorities when it learned of the attack.

NOAA officials declined to discuss the suspected source of the attack, whether it affected classified data, and the delay in notification. The NOAA said publicly in October it was doing "unscheduled maintenance" on its network, without saying a computer hack made that necessary.

In a statement, NOAA spokesman Scott Smullen acknowledged the hacks and said "incident response began immediately". He said all systems were working again and forecasts had been accurately delivered.

But the agency told US congressman Frank Wolf that China was behind the attack, he said.

Wolf has a long-standing interest in cybersecurity and asked the NOAA about the incident after an inquiry from The Washington Post.

"NOAA told me it was a hack and it was China," said Wolf, who also scolded the agency for not disclosing the attack. "They had an obligation to tell the truth. They covered it up."

Commerce Department inspector-general Todd Zinser said his office was not notified of the breach until November 4, well after he believed the hack occurred. He said that was a violation of agency policy requiring any security incident to be reported to his office within two days of discovering the problem.

"We're in the process of looking into the matter, including why NOAA did not comply with the requirements to notify law enforcement about the incident," Zinser said.

Wolf said he did not know what information was accessed.

Confirmation of the NOAA hack followed an admission on Monday by the United States Postal Service that a suspected Chinese attack - also in September - compromised data of 800,000 employees.

NOAA officials also would not say whether the attack removed material or inserted malicious software in its system, which is used by civilian and military forecasters in the US and feeds weather models at the main centres for Europe and Canada.

NOAA's National Ice Centre website was down for a week in late October. The centre is a partnership with the US Navy and coastguard to monitor conditions for navigation.

The two-day outage skewed the accuracy of National Weather Service long-range forecasts slightly, according to NOAA.

The attack in September hit a web server that was connected to many NOAA computers, said one person familiar with the incursion. The server was protected, but the person compared the security to leaving a house protected by "just a screen door".

Smullen's statement said that four sites were hit by the breach.

The hack may have been aimed less at manipulating weather data than finding an opening in a US system to exploit, said Jacob Olcott, a cybersecurity consultant and former Senate staffer. "The bad guys are increasingly having a hard time getting in the front of these agencies," he said.

"So they figure 'if I can't get in the front door, I'd ride along in with someone who has trusted access and maybe ride that connection to bigger agencies'."


 