Slashdot Mirror
Feds Thwart Extortion Plot Against Best Buy
hiero writes "From an article
in the Star Tribune: 'Federal authorities said Tuesday they thwarted an extortion plot against Best Buy Co. Inc. by a man who sent the company an e-mail threatening to expose what he claimed were weaknesses in the retailer's computer system unless he was paid $2.5 million.' What's really interesting to me, though, is this paragraph further on in the article: 'The federal search warrant was obtained the morning of Oct. 24 and allowed the FBI, with Best Buy's cooperation, to use an Internet device known as an Internet Protocol Address Verifier. It contained a program that automatically sent back a response to Best Buy after the company sent a message to the e-mail address. The response allowed investigators to identify Ray as the sender of the e-mail threats, according to the government.' Internet Protocol Address Verifier? Is this Carnivore in action?"
Easy does it. You don't need a big surveillance program, just add a bug to your email that "grabs" the reader's IP addy and voila!
Easy does it, apply the KISS principle to life.
~~~Please pass the salt, I hate unsalted MD5s
no, you are dead wrong.
I can send you an email right now that will only get you to that mail server's address. there is no way in hell you can get my IP addrees out of it. and then if you try and suponea that company there is no real information in there about me except one IP address that lead's to a http anynomizer... so now you have to suponea that and hope I didnt do a second hop and was stupid enough to use the first two inside a country that will gladly bend over for your government.
your tactic was useful 10 years ago... today it's mostly useless.
Do not look at laser with remaining good eye.
Over here there is a Congressional Statement of what Carnivor "officialy" does, or is "allowed" to do. One paragraph of this statement:
Carnivore is a very effective and discriminating special purpose electronic surveillance system. Carnivore is a filtering tool which the FBI has developed to carefully, precisely, and lawfully conduct electronic surveillance of electronic communications occurring over computer networks. In particular, it enables the FBI, in compliance with the Constitution and the Federal electronic surveillance laws, to properly conduct both full communications' content interceptions and pen register and trap and trace investigations to acquire addressing information.
gives us the gist of it. So yes this very well be Carnivore in action.
"It usualy starts with some screaming. Afterwards there is much running around."
You cant turn off HTML in M$ LookOut
;-)
Oh yes you can - something I rely on to avoid spammers using the same trick!
this dude dosent sound very clued up
My thought exactly
Anyone that reads 666 otherwise known as the hacker quarterly knows about all the problems in Best Buys network.
It even goes in depth on how to get into thier private network from a display PC.
How to find info on hiring and firing people etc.
How to order stuff and have it sent.
and few other ways of hiding yourself, as below
1. Dedicated firewalled Linux Laptop with WLAN, and changing MAC
2. WarDrive around for a unsecure internet connection.
3. Use proxies from unsecured PC's, lists available from DBL providers, or you Email server logs.
4. Setup up a web mail account, and send business proposal.
5. WarDrive to other access poiunt for continuing dialog
6. Travel around a bit to avoid setting a Wardrive pattern
I would think this would be very difficult to trace without social engineering
mailto:EatSpamAndDie@princeweb.com
Is this Carnivore in action?
:)
No, it isn't. Like another poster said, this is really just a web bug. Carnivore is a sophisticated system for parsing billions of e-mails and flagging interesting things like threats against the President for analysts to examine, but has nothing to do with validating return addresses or anything like that.
The only way to actually know that someone is actually receiving your e-mail at a particular location is to include a web bug that reports their IP address back to you, by opening a socket connection directly to something on a server you own (e.g. an image). So either include an image in the e-mail which is requested from your server, or include a trojan that "phones home" when they run it.
It works. Try it the next time you want to see who's really spamming you. Just send a web bug to whatever the response address is they want you to contact, (you know, for your Nigerian money-laundering instructions), and then examine your server logs carefully to find out where they really are in the world. Of course, you could also send them a backdoor if you wanted, instead of just a beacon, but I would never countenance such uncivilized behavior
I disagree. If a private citizen were being extorted for 2.5 mil, the feds would be willing to get involved. It's when the script kiddy down the street is extorting the local cyber cafe for free coffee that the feds won't touch it. Last I checked, the loss had to be above $5000 for the feds to investigate computer crime. That was a couple years ago though, don't know what it is now.
Yes, my only tool is a hammer. And you're starting to look like a nail.
$5000 is still the low cutoff for felony theft... anything below is a misdimeanor and gets handled at the local level.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.
Yeah, right.
Exactly. But Outlook 2003 doesn't display images in HTML emails by default, nor will Outlook Express after XP SP2.
If you want to see the images you have to request them to be downloaded, or add the sender to your list of trusted sites.
"Taligent is still pure vapor. Maybe they'll be the last who jumps up on Openstep... "
Didn't anyone else think that maybe just asking the reporter would do the trick? His email address is right at the bottom of the article.
<sarcasm> oh wait - this is slashdot right - only two people actually read the article. </sarcasm>
I emailed Mr. David Phelps asking what an "Internet Protocol Address Verifier" was and his brief reply was the following.
"it's commonly referred to as a web bug. i used the term as contained in the government's search warrant."
So while the theorizing here did come up with that as a possibility - it also came up with lots of other BS.
Now the bizarre thing is that the feds used such a wierd term. Then again to a judge or lawyer the term "web bug" probably seems pretty bizarre.
If you're looking for sources of information, Ward Churchill and Jim Vander Wall's book Agents of Repression: The F.B.I.s Secret Wars Against the Black Panther Party and the American Indian Movement (South End Press) is a good start. When large numbers of readers refused to believe the stuff they had written (even though it extensively referenced the FBI's own documents), they did a follow-up book that just reprinted the FBI material called The COINTELPRO Papers: Documents from the FBI's Secret Wars Against Dissent in the United States. Harder to disbelieve that, I guess.
Have a look at the 'owner' match extension to iptables:
Tm
Support TBI Research: http://www.raisinhope.org
Maybe you'll learn something... just maybe.
Sivaram Velauthapillai
Sivaram Velauthapillai
Seeking the meaning of life... @slashdot of all places