Slashdot Mirror
UK Tabloids Doxxed the 'Hero' Hacker Who Stopped a Global Cyberattack (theoutline.com)
The UK-based security researcher, who "accidentally" halted the spread of the ransomware Wanna Decryptor over the weekend, has been doxxed by UK tabloids. From a report: [...] Journalists have published his name against his will, bringing him unwanted attention and sending a signal to privacy-sensitive researchers that no good deed goes unpunished. The researcher, writing under the username MalwareTechBlog, published a blog post on his personal site with findings about the virus, explaining how it was stopped and what would have to be done to prevent it from coming back. News outlets, including the Daily Mail, The Guardian, and CNN called the anonymous researcher a hero. The researcher was initially responsive to press inquiries. He told reporters that he was 22, lived in the south of England with his parents, and worked for an L.A. security firm. However, he told The Guardian that he wanted to remain anonymous "because it just doesn't make sense to give out my personal information, obviously we're working against bad guys and they're not going to be happy about this." It took about a day for UK papers, including The Mail, The Sun, The Telegraph, and The Mirror, to suss out the researcher's name and publish photos of him, show up at his house, and track down his friends and associates for interviews. "It's caused a fair bit of stress," he told Forbes. "I don't want fame."
Am I a slashdot hero now?
The press are nothing more than leaches and liars hell bent on spinning webs of lies to suit their narratives.
All this man wanted was his privacy to be respected. He halted one of the worst malware attacks and this is how those libtard comm degree holders react?
There's a special place in hell reserved for journalists who act like this.
How many of those papers are owned by Rupert Murdoch?
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
They don't care what gets in their way as long as it leads to a "juicy story" and will ruin every life in the way to get it. Reporters, well anyone employed at these garbage "papers" are vile disgusting people.
It isn't really "fake news" as Orange Jesus would say, just garbage news.
The press will continue to lament how they are perceived negatively in spite of them being the real heroes of every story they report.
Those tabloids are a sore on humanity but we must remember, they exist because it works, because people fall for the clickbait. Tackle the cause not the symptom.
In Capitalist US, the commerce controls the Government.
Not you, UK tabloids. But the /. editor who removed the guy's name from the summary. The issue at stake is newsworthy to Slashdot reader, but at the end, the name of the person isn't.
He's embarrassed because he is 22 and still lives with his parents and now everybody knows it.
Good press: Exposing bad actors in a conspiracy that are trying to remain anonymous.
Bad press: Exposing an accidental good actor that specifically asked to remain anonymous so he could do his work.
This was like outing a police officer's name and address after he nails a low-level gang leader. It could get very messy for this 22 year old online. Hacked social media accounts, DDOSed any personally managed online resources (web servers, etc.). And that's if it's a low-level script kiddie type trying to make some cash - and not some more malevolent group.
Celebrity isn't what you want in that line of work...
I'm posting this comment anonymously just because it felt appropriate given the context. ;)
The UK press are twats.
Security Researchers have had death threats and setups, like having hard drugs posted to their house shortly followed by a tip off to plod and all manner of other nasty things.
Sadly it's not just Murdoch's sewerage - the other papers are just as bad.
Why can't women be like Hedy Lamarr - beautiful, talented and inventors of frequency-hopping spread-spectrum techn
How long before we find out that this 'researcher' is a former member of the clan that unleashed this hot garbage to the world, but left over some petty dispute so invoked the back door already known to him.
I find it hard to believe that Symantec and especially Kaspersky didn't find this 'kill switch' before this guy (allegedly) did.
It was my first day at the new high school. I'd just moved from a
very urban area to a rural area. While this new school didn't have
all the wonderful different skin shades I was used to, the
country/redneck look of so many boys was just as sexy. It was hard to
tell if any one of them might be gay--so many acted overly macho.
I was horny on a daily basis. Looking at all the new scenery didn't
help any. I tried to not stare at the round, beautiful asses of guys
in tight jeans in between classes. I had a semi-hard on most of the
day. I probably oozed several ounces of pre-cum into my boxers.
I was totally gay but was sure that I didn't give it away. I had
nothing against effeminate men but I didn't think I was one. That
type just didn't turn me on nor did I want to emulate it. Maybe I
overcompensated even...
- - -
When lunchtime finally came around, I bought my lunch and carried the
tray to the middle of the room. I was about to sit alone when I saw a
group of guys from my Algebra class spread out at a single table. I
thought it would be a good chance to make friends, so I sat down at
the edge of their table.
"Hey guys...how's it going. I'm Max. I'm kinda new here."
Each one of them stood up and shook my hand firmly. I sat down and
started eating. I managed to chat my way into their conversation. I
figured these guys would be talking about football but oddly enough it
was about politics. Even weirder was the most redneck lookin' dude
(western belt, bandana in pocket, mangy looking fuzz on his chin, and
worn spot on back pocket where his snuff can usually was) led the
conversation. He was going on about Federal Government sucking its
way into everything to snuff out our freedoms. He went on and on.
Few of the other guys gave a shit. I was just horny and hungry.
I spoke my opinion briefly...just to fit in...and continued to eat. Then
he introduced himself as Jasper. He was lightly freckled with
slightly crooked front teeth, but there was intensity in his bright
green eyes. His reddish brown hair was cut in the form of a short
mullet. His look contradicted the words that came out of his mouth.
Just then, two guys slammed into our table. One entered on each side.
When they sat down the table (with all of its seats connected) rocked
and moved a few inches. The two guys were tall, had beefy arms, and
had on tight flannel shirts. They looked almost the same but one was
a little shorter than the other. Each had their haircut so short
their heads were practically shaved. You could tell they had shaved
but their faces showed stubble. Despite their muscular upper bodies,
each had a slight gut.
One of them was sitting in the seat next to me. When he shifted, his
large booted foot bumped mine but he didn't seem to notice. I glanced
down and saw a nice bulge in those tight jeans. They were obviously
brothers--and cute ones.
They both had school cafeteria food on their trays like me but theirs
was piled up with extras. Each had four wheat rolls, two chocolate
milks, extra meatloaf, etc. It looked like they'd each doubled the
food by buying extras in line. Without saying anything, they began
stuffing their faces. Each grunted as they ate and nodded hello at
the other guys when anyone looked over to them. They were intensely
concentrating on their food and were eating faster than any of us.
When I finished my food, which was just helping of each food on the
tray, they were already finished.
One of then belched loud. I swear I heard one of them fart. They
nodded to the guys at the end of the table and were gone. Their visit
was no more than five to six minutes.
"That's Lee and Derek...the school football studs," Jasper said.
I know they heard him but they paid no mind.
"New guy here is Max!" he said.
The two of them looked up and aimed a big hand for me to shake while
th
because of this against-his-will exposure, he should crowdsource funds to sue the tabloids.
Where are we going and why are we in a handbasket?
eyes on the rEal 486/66 3ith 8
I might be mistaken, but... This is a worm right? With no control over rate of infection, right? Meaning it's an exponential growth process. Meaning it should have hit its saturation in no time. Like an hour or so. Meaning that by the time that dude pulled the plug, the party was mostly over anyway...
All the blogs machines are pwned!
https://blogs.msdn.microsoft.com/
Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
Those tabloids put him in harms way in the middle of a global IT security crisis.
When (not if) people in hospitals die because of this computer hacking, they should sue those tabloids, for putting a target on his head, and on the head of anyone who wanted to help. Bet your arse that there are others who will "just duck" to not get doxxed by those sorts of papers.
I think anyone whose life he saved, should help crowdfund a lawsuit against the papers that did this.
If he ends up being executed for this, I think that the state (is it UK?) should sue those agencies on his behalf for his wrongful death in which they were enabling participants.
The Telegraph does, indeed, amount to little more than a tabloid at this point.
The Sun. The Daily Mail. The Mirror. The only thing worse than them is Julius Streicher's Der Stürmer. Thanks, Rupert Murdoch, for the daily garbage.
Sounds like he didn't try too hard to hide his identity, depending on the newspapers' integrity to maintain privacy. Maybe instead he should have taken at least some of the steps Anonymous does to keep their identity secret.
It's inevitable that the perps will go after him. Hopefully it'll only be electronic, not physical. He may never be able to own a computer or a credit card again.
The sad thing is that this will serve, at least in part, to discourage other private white hats from publishing their works.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
If he wanted to remain anonymous then why give them his name?
If all you are known as is a tweeter handle, then there's no way they could doxx him.
I'm going to guess he wanted some people to know who he was so he could brag about it. The only safe secret is the one that no one knows.
Is it time to doxx everyone involved in the production and distribution of these tabloids?
Alternatively, you could boycott anything printed by the same company that prints the tabloids so that they drop the tabloids as client. (printing presses are expensive)
Anons need not reply. Questions end with a question mark.
Maybe he'll get laid because of this!
"When information is power, privacy is freedom" - Jah-Wren Ryel
It's not the first time they've done something like this; see Princess Diana in the gym. The British newspaper industry has given itself the privilege of publishing whatever it wants (except page 3 girls). The hypocrisy being, they get their stories by bribing authorities to spy for them (eg. the phone-hacking scandal) under the pretense of an anonymous tip. They're so well protected, only long-term celebrities like Jude Law and Sienna Miller get to sue them.
Let this serve as a lesson. Those who think they are heroes and go around stopping so called cyber crime will be found and exposed to the world.
What he did was stupid and honestly he deserves far worse.
Tldr; Don't be a hero, you will suffer for it.
If some citizens were to dox the editord, camp out on their lawns, shout constant inane questions and mob you, your friends an family at every opportunity.
It would be 'in the public interest' for these schmucks to get a taste of their own. But that wouldnt stop the mass arrests.
This perpetual motion machine Lisa made is a joke, it just keeps getting faster and faster. - Homer
No, not of those who doxxed him.
Of the white-hat. There's no way he won't be tried under the CFAA for this.
Like they said; no good deed goes unpunished, and this was a very good deed indeed.
Seriously though, a 22 year old wouldn't be that hard to google these days, even the ones that work in security. It's sad. Just say no to Facefarm.
If he is working as a security researcher, then crackers will often target those people, because those people are targetting them.
This is why the police, prosecutors, judges get doxxed, and their personal details traded, because it protects the crackers more. The more confusion in the enforcement sector, the better for the crackers. If a judge has had to defend themselves against having false digital evidence planted on them, then it changes the bar for what is acceptable evidence and sets it much higher.
And governments doxx people all the time, loads of people don't consent to the government holding information on them, and yet governments do.
If you want power over someone you need to know about them and have leverage over them. I think crackers do actually treat what they do as a form of warfare, and war is dirty. If you are up against a pyramid style force, there's loads you can target to affect the pyramid to your advantage, they have lines of command, crackers don't, crackers act more like independent mercenary guerilla fighters.
Security researchers should probably study incident response as the first step of security research, people good at cracking probably do, of course they are looking for the chinks in that to exploit. Incident response is like a bit of armour for the security researcher, and it takes into account how society is set up. So there is a process of how to deal with different incidents, and I don't think he followed it at all.
The press doxxes, that's what it does, that what the news is, good incident response knows this. Journalist often protect their sources because they want exclusivity, and if people think they will be protected they are more likely to talk to the press, it is not because the press thinks doxxing is wrong. The press isn't some paragon of virtue, it is just a group of people trying to make money over what has happened, the chances are they are staffed by people who are more selfish than altruistic, but that is a symptom of how society is governed really.
As already noted, the line between "exposing bad guys" and "doxxing good guys" is very faint. I vote for people before principles.