Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sophisticated, Targeted Breakins Uncovered

Posted by kdawson on from the don't-answer-job-ads dept.

Ichabod writes "Sophisticated computer criminals stole data from Unisys, Booz Allen, L-3 Communications, Hewlett Packard, and Hughes Network Systems. It sounds like they used a combination of social hacking and undetected low-profile malware (reportedly NTOS.exe) to steal and encrypt sensitive data, and compromised Yahoo accounts to store and retrieve it. An international investigation appears imminent. And yes, unfortunately Reuters calls the criminals 'hackers,' further besmirching the once-revered title."

11 of 204 comments (clear)

  1. The only thing I find strange.. by i8myh8 · · Score: 5, Funny

    ..is that they'd use Yahoo! Mail to retrieve the data. Gmail offers more space. Hrm. Poorly researched.

    1. Re:The only thing I find strange.. by jojoba_oil · · Score: 5, Insightful

      Actually, the so-called hackers thought that "Do No Evil" was a command to those using Google's services. As such they went elsewhere.

      In all seriousness, I'd be willing to bet that they used compromised Yahoo! accounts for a few reasons: yahoo users are generally less computer-savvy (read: easier to compromise), they probably use gmail accounts themselves so they didn't want to draw attention there, and google has been rumored before to keep e-mails even after being deleted from the account.

  2. Give it up by IndustrialComplex · · Score: 4, Insightful

    I don't think you have to worry about the term 'hacker' being besmirched any more. It, like several other terms have entered the mainstream vernacular. If you really care about the terminology that much, invent a new term for what was the original 'hacking'. It is far too late to close the barn door on the hacker misconception.

    --
    Out of modpoints but really liked a post? 1BDkF6TtmmeZ3yqXbz9yhdYVqRYnwFoXDj
    1. Re:Give it up by Jack+Pallance · · Score: 4, Funny
      I guess you could say, this issue needs more than a "Band-Aid" for a solution.

      Get it?

      Band-Aid!!

      (OK, It was a term that used to be used exclusively to mean a specific brand, but has now changed its meaning over time to mean something broader. I don't know why I even try with you people...)

  3. "to steal and encrypt sensitive data" by InvisblePinkUnicorn · · Score: 5, Funny

    See, hackers get a bad rap. These folks were kind enough to encrypt the sensitive data they found, so that no outside parties could get a look at personal records.

  4. Better writeup at WaPo by wiredog · · Score: 4, Informative

    The Security Fix Blog

    --

    Best Slashdot Co
  5. Re:Another day another break-in by ringfinger · · Score: 4, Insightful
    According to the article, they used social engineering by "seducing employees with fake job-listings". This is interesting because it targets those employees that are most disgruntled. Offer them a chance at another job and they'll give you a username/password that probably is the same one they're using to access the corporate account system.


    I agree, we should somehow pool our collective knowledge and accumulate it somewhere. There's an idea for /. to pull it back up on par with digg.

    --
    21st-Century-Citizen
  6. Re:No, it was never that way by sconeu · · Score: 4, Informative

    Yes. See the Jargon file. The term "hacker" has a long and distinguished history, before it was hijacked by the asshats who are "crackers".

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  7. Re:frequency by pegr · · Score: 5, Informative

    You want details? This trojan appears to be a variant of this nasty little bugger. (Warning: pdf). The link is to a detailed technical report on how it works, what it does, and how to decrypt data it encrypted. It was authored by Secure Science Corporation back in November of 2006.

  8. From Webster by Shihar · · Score: 4, Insightful

    Main Entry: hacker
    Pronunciation: 'ha-k&r
    Function: noun
    1 : one that hacks
    2 : a person who is inexperienced or unskilled at a particular activity
    3 : an expert at programming and solving problems with a computer
    4 : a person who illegally gains access to and sometimes tampers with information in a computer system

    I am pretty damn sure that the thieves in question meet both #3 and #4, hence they are 'hackers'. I probably would not waste time bothering Reuters to complaining that not all hackers are evil. They used the word correctly.

  9. Use of "hacker" by Matt+Perry · · Score: 4, Insightful

    Reuters calls the criminals 'hackers,' further besmirching the once-revered title.
    Get over it. Seriously. This romanticism for some obscure meaning of a word being understood by the general public is really getting tiresome. Words can have multiple meanings depending on the context and hacker is no different. We just have to live with it. There's no way to change the meaning of the word in the public consciousness without some type of huge marketing campaign. Saying you are a Perl hacker is going to be interpreted the way you want by the audience you are targeting with that phrase. If someone thinks you are breaking the security of Perl then they probably don't know what Perl is and aren't the audience for your use of that word. Likewise, when I talk about forking and killing children I'm not talking about murdering babies (contrary to what the marketing woman thought, whose office was near my cube, when she reported me and my co-worker to HR 10 years ago).
    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.