Slashdot Mirror

← Back to Stories (view on slashdot.org)

Student Expelled After Using Hardware Keylogger to Hack School, Change Grades (bleepingcomputer.com)

Posted by msmash on from the getting-creative dept.

Catalin Cimpanu, writing for BleepingComputer: Kansas University (KU) officials have expelled a student for installing a hardware keylogger and using the data acquired from the device to hack into the school's grading system and chang his grades. KU did not release the student's name to the public, but they said the keystroke logging device had been installed on one of the computers in its lecture halls. The student used data collected from the device to change F grades into A grades. Professors said the incident would not have been noticed if the student didn't get greedy about modifications. The hardware device the student used was a run-of-the-mill hardware keylogger that anyone can buy on Amazon or eBay for prices as low as $20. Speaking to local media, various KU professors said they hope not to see any copycats in the near future.

7 of 136 comments (clear)

  1. Re:Surprised? by networkBoy · · Score: 5, Insightful

    nope, and he fits the stereotype of "stupid greedy crims get collared".
    what we didn't hear about is the other student that changed all his grades up by one point. He's passing now, and no one bats an eye because it doesn't stand out.

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  2. Re:Surprised? by ShanghaiBill · · Score: 4, Insightful

    Is anyone surprised that a student tried this? Got caught? Got expelled?

    Not totally surprised, but he got caught because he got greedy, and in my experience most cheaters are not greedy, they just want a passing grade. When I was in college I earned money by writing programs for other students, and when I would ask them what grade they wanted on the assignment, the most common request was for a "B", and even "C" was more requested than "A". They may be dumb, but they are smart enough to know they are dumb, and an "A" will bring suspicion.

  3. Re:I can see why he got an F by computational+super · · Score: 4, Insightful

    Actually if you're going to do it, go all out: change your status from "enrolled" to "graduated" and see if you get away with it.

    --
    Proud neuron in the Slashdot hivemind since 2002.
  4. Re:Profs using public terminals and No surprise he by dunkindave · · Score: 4, Insightful

    I doubt the professor used a public terminal to work on student records. More likely, the professor logged into his account from a computer in a lecture hall to pull up a presentation, and with one username/password for all activities, that gave the student access to what the professor did in the grading system as well.

  5. Re:Profs using public terminals and No surprise he by Anonymous Coward · · Score: 2, Insightful

    Probably because they used the same usernames and passwords to access the class material as they did to access the grade system. Or they used different usernames and passwords but over time accidentally used the wrong set out of habit when logging in to the public system. It is not uncommon to accidentally type the password into a username field, either. Usernames frequently appear unobscured in system log files. Studying log files for a few weeks will reveal a few passwords mistakenly entered as a username and it isn't that hard to then match them with the username entered nearby.

  6. Re:Surprised? by jellomizer · · Score: 3, Insightful

    A professor getting to the lecture hall early, decides to use his time to do some grading. Also he will normally need to log in (most places have single sign on or they will use the same password) to get into the network to show his presentation.

    The system may had a change date, next to the grade, making it easy to spot. or just the professors knows the grades he gives. Such student who had to raise their grades may have been noticed as an under performer.

    Schools are notorious for poor IT Security practices. Being that the student actually went out of his way to do this, pre-planned... The school will probably get more credits for being hard on POS student like that. Then having a security flaw with all the bigger names having huge hacks it no big deal anymore.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  7. Re:Surprised? by Mashiki · · Score: 3, Insightful

    what we didn't hear about is the other student that changed all his grades up by one point. He's passing now, and no one bats an eye because it doesn't stand out.

    That's because clever criminals usually don't get caught until they over-reach. Look at your local police force/service and you'll see how happy they are over social media. In my small community, clearences are up 30% because stupid criminals brag, get caught and sometimes will even claim to have done more. Which is good. There's a two fold effect to this though, the smarter criminals will cool it for a bit because they think they're more likely to get caught. And that actually does lower crime.

    --
    Om, nomnomnom...