Slashdot Mirror


Two Romanians Charged With Hacking Washington DC Police Surveillance Cameras Days Before Trump's Inauguration (bbc.com)

US prosecutors have charged two Romanians with hacking Washington DC police computers linked to surveillance cameras just days before President Donald Trump's inauguration. From a report on BBC: The pair are being held in Romania, having been arrested at Bucharest Otopeni airport on 15 December. Mihai Alexandru Isvanca, 25, and Eveline Cismaru, 28, allegedly accessed 123 outdoor surveillance cameras as part of a suspected ransomware scheme. Mr Trump was sworn in on 20 January. The US Department of Justice said the case was "of the highest priority" because of the security surrounding the presidential inauguration. The perpetrators intended to use the camera computers to send ransomware to more than 179,600 email addresses and extort money from victims, the justice department said in a statement.


  1. Well ... by psergiu · · Score: 1, Funny

    If they would have declared that they really wanted to interfere with the inauguration, they would have had some sympathizers.
    But as they just wanted to use those cameras for spamming & ransomware - to Gitmo with them. Daily waterboarding please.
    And they should be joined by whoever's responsible for those cameras' security holes.

    --
    1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
    1. Re:Well ... by OzPeter · · Score: 1

      If they would have declared that they really wanted to interfere with the inauguration, they would have had some sympathizers.
      But as they just wanted to use those cameras for spamming & ransomware - to Gitmo with them. Daily waterboarding please.
      And they should be joined by whoever's responsible for those cameras' security holes.

      So torture for the sake of torture then?

      --
      I am Slashdot. Are you Slashdot as well?
  2. Re:How dumb do you have to be to do this? by psergiu · · Score: 1

    Actually, the food in Romania is better :) But only the food.
    And they do deserve whatever's coming to them.

    --
    1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
  3. Vindication!! by OzPeter · · Score: 2, Informative

    They hacked the cameras to show that the number of people in the crowd was much less than the great number who actually attended!

    --
    I am Slashdot. Are you Slashdot as well?
    1. Re:Vindication!! by greenwow · · Score: 1

      The media's pictures from weird angles and from 2+ miles away from the stage did just fine at that. They didn't need any help.

    2. Re:Vindication!! by Whibla · · Score: 1

      With somebody modding you (parent) informative, rather than funny, I can't help thinking that it's time we all started filling in some of our foxholes, rather than burying ourselves any deeper.

    3. Re:Vindication!! by OzPeter · · Score: 1

      With somebody modding you (parent) informative, rather than funny, I can't help thinking that it's time we all started filling in some of our foxholes, rather than burying ourselves any deeper.

      I'm as bemused as you. I even hit +4 informative at one point

      --
      I am Slashdot. Are you Slashdot as well?
  4. Re: Heroes. by Anonymous Coward · · Score: 1

    I bet you've been drinking every night since the 20th January.

  5. Re:Heroes. by Hal_Porter · · Score: 1

    Whatever the purpose of their hack, glad that it interfered with the inauguration and likely helped protesters avoid prosecution. I'll drink to them tonight.

    The black bloc rioted in full view of the TV cameras. Many trash cans were grievously assaulted.

    https://www.youtube.com/watch?...

    Unfortunately these were government trashcans and you don't need to assault very many of them to be over the $5000 limit you need to get a felony riot conviction in DC. Even inciting other people to do more than $5000 property damage is enough

    https://beta.code.dccouncil.us...

    (d) If in the course and as a result of a riot a person suffers serious bodily harm or there is property damage in excess of $5,000, every person who willfully incited or urged others to engage in the riot shall be punished by imprisonment for not more than 10 years or a fine of not more than the amount set forth in Section 22-3571.01, or both.

    So some of them are going to get ten years for felony rioting, sometime in 2018. They fought the trash cans, and the trash cans won.

    https://www.washingtonpost.com...

    Jury selection began Wednesday for the cases of the first defendants to face trial in the Inauguration Day riots in downtown Washington, with the judge quickly asking prospective jurors about their views.

    "What I am asking you is whether anything you may have heard about that day would keep you from fairly and impartially deciding this case? What are your feelings about the president and Inauguration Day, and will those feelings keep you from fairly and impartially deciding on a case and viewing evidence?" D.C. Superior Court Judge Lynn Leibovitz asked the 70 panelists.

    The six defendants, whose trial could begin as soon as Monday, are charged with felony rioting in the Jan. 20 disruption that left several businesses vandalized and resulted in thousands of dollars in damage.

    In all, prosecutors charged 212 people in connection with the riots. So far, 20 have pleaded guilty and prosecutors dropped cases against another 20. Trials for the others, in groups of five or more, are set to occur almost monthly through mid-2018.

    Prosecutors allege that a group called Disrupt J20 helped plan protests that pulled in participants from across the country. They said some rioters used "black bloc" tactics - wearing all black and hiding their faces with masks and goggles so it would be harder to identify them.

    The first defendants to face trial are Michelle Macchio, 26, of Naples, Fla.; Jennifer Armento, 38, of Philadelphia; Christina Simmons, 20, of Cockeysville, Md.; Alexei Wood, 37, of San Antonio; Oliver Harris, 28, of Philadelphia; and Brittne Lawson, 27, of Pittsburgh.

    The trial is expected to last through mid-December.

    The six defendants face felony counts of inciting a riot and destruction of property, charges that carry a maximum penalty of 10 years each.

    Interesting how most of them seem to come from red states - Florida, Philadelphia, Texas were all Red. Maryland was blue.

    https://en.wikipedia.org/wiki/...

    I think a lot of antifa/far left types are rebelling against their Republican voting parents, who I'm sure will be very sad when they end up with ten years in prison. It's a shame really, I bet their Mummies and Daddies are lovely people.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  6. Re:How dumb do you have to be to do this? by war4peace · · Score: 2

    You forgot the women, mate.
    And the tsuica. (diacritics won't work)
    And the freedom. Believe it or not, Romania offers more freedom to the Average Joe than the USA does.

    --
    ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
  7. Re:Heroes. by thedavidcathey · · Score: 2

    From the article, it looks like it didn't have any impact on the cameras or inauguration security. It was just infected with a mail-bot that sent ransomware spam, much like thousands of other computers. Although, even the article is written poorly. One part says it's "computers linked to surveillance cameras" and another part says "accessed 123 outdoor surveillance cameras". The first one is probably correct - they got their ransomware mailbot installed on some Windows computers used to access the cameras, and it was sending out ransomware. The fact that they were used to access cameras isn't relevant. However, I think the fact that these are police computers, and police were likely doing other things on them (browsing, email) that got them infected, probably is relevant.

  8. Re:How dumb do you have to be to do this? by ls671 · · Score: 2

    They might not have realized that they were outdoor cameras in Washington DC, especially if they were building a botnet as suggested in TFS. Those cameras might just have been part of a much larger botnet.

    --
    Everything I write is lies, read between the lines.
  9. Re:....and? by ls671 · · Score: 1

    It's in TFS, the cameras were apparently part of a botnet. They might have gotten access to them with automated scripts and they might not even have realized that the cameras were outdoor in Washington DC as far as I can tell for now.

    --
    Everything I write is lies, read between the lines.
  10. Re:Heroes. by Hal_Porter · · Score: 1

    What on Earth do James O'Keefe and Roy Moore have to do with this?

    It's not like anyone is disputing the fact that Black Bloc rioted on inauguration day.

    E.g.
    https://duckduckgo.com/?q=dc+i...

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  11. Re:How dumb do you have to be to do this? by Hal_Porter · · Score: 1

    Yes but given that

    1) Washington, DC is a politically sensitive location at the best of times
    2) Inauguration Day was coming up which means extreme security and
    3) The FBI/CIA/NSA etc were under enormous political pressure to find 'Russian hackers'

    would it not have been prudent to exclude any IP address that geolocates there for a couple of months? Especially if you're doing it from Eastern Europe?

    If you look at what happened it seemed like the Europol, the UK and the Netherlands all helped out with the investigation I.e. these idiots activated the very effective part of law enforcement that deals with threats to national security, which presumably woke up when politicians started talking about Russian hackers and did its damnedest to catch some.

    http://www.bbc.co.uk/news/worl...

    The EU police agency Europol says three other suspects were also arrested in Romania this month in a linked investigation into ransomware. The UK's National Crime Agency was involved in that investigation.

    The three are suspected of infecting computers with CTB-Locker (Curve-Tor-Bitcoin Locker) malware.

    A Europol statement says Romanian police were tipped off in early 2017 by the Dutch High Tech Crime Unit and other authorities about a group of Romanians sending spam messages.

    The spam emails had attachments made to look as if they had come from well-known companies in Italy, the Netherlands and UK. Once opened on a Windows system, those malicious attachments encrypted computer files.

    It's completely different to the WannaCry attack where no one got caught and North Korea got blamed.

    https://en.wikipedia.org/wiki/...

    The WannaCry ransomware attack was a May 2017 worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. It propagated through EternalBlue, an exploit in older Windows systems released by The Shadow Brokers a few months prior to the attack. While Microsoft had released patches previously to close the exploit, much of WannaCry's spread was from organizations that had not applied these, or were using older Windows systems that were past their end-of-life. WannaCry also took advantage of installing backdoors onto infected systems.

    The attack was stopped within a few days of its discovery due to emergency patches released by Microsoft, and the discovery of a kill switch that prevented infected computers from spreading WannaCry further. The attack was estimated to have affected more than 300,000 computers across 150 countries, with total damages ranging from hundreds of millions to billions of dollars. Security experts believed from preliminary evaluation of the worm that the attack originated from North Korea or agencies working for the country.

    In December 2017, the United States, United Kingdom and Australia formally asserted that North Korea was behind the attack.

    Mind you WannaCry probably helped wake up international law enforcement too. I.e. it's another reason these guys got caught effectively.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  12. Re:How dumb do you have to be to do this? by wolfie_cr · · Score: 1

    women for sure 100% yes about freedom...yeah Dragnea likes that freedom quite a bit (I am not Romanian but I love the country)

  13. Re:Heroes. by Hal_Porter · · Score: 1

    I did read the links. O'Keefe does hidden camera investigations. The fact he did one into AntiFa isn't the only evidence against them. And the charges against O'Keefe are politically motivated bullshit - his sin was exposing the lies and bias of leftist media organisations and NGOs.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  14. Re:How dumb do you have to be to do this? by Hal_Porter · · Score: 1

    Well to be honest if I were in the ransomware business I'd probably have not targeted the US at any time. Then again the UK's not that much safer given NSA/GCHQ collaboration, and the WannaCry people did target that.

    Maybe they really were North Koreans and knew they'll never set foot in a country that will extradite them.

    I wonder if NSA/GCHQ have thought about some sort of firewall on NK's internet access? Or, given that they must use a foreign ISP to get to the wider Internet and that ISP could probably be persuaded to disconnect them if they're breaking the terms of service by sending ransomware.

    Then again they probably connect via a Chinese ISP in a way that the Chinese government can claim it doesn't know anything about.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  15. Re:How dumb do you have to be to do this? by war4peace · · Score: 1

    That's why I was talking about the freedom the Average Joe has - which is the freedom to do things Average Joes do - aka "not politics".
    Like being able to drink in a bar all night long, rather than have a curfew at 2 AM.

    --
    ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
  16. Re:Meh by Hal_Porter · · Score: 1

    I think WannaCry freaked them out. It only hit XP but it hit the NHS hard

    https://en.wikipedia.org/wiki/...

    One of the largest agencies struck by the attack was the National Health Service hospitals in England and Scotland,[87][88] and up to 70,000 devices – including computers, MRI scanners, blood-storage refrigerators and theatre equipment – may have been affected.[89] On 12 May, some NHS services had to turn away non-critical emergencies, and some ambulances were diverted.[90][91] In 2016, thousands of computers in 42 separate NHS trusts in England were reported to be still running Windows XP.[35] NHS hospitals in Wales and Northern Ireland were unaffected by the attack.[92][90]

    The US seems to have been rather unaffected - presumably Microsoft bullied most organisations into either upgrading from XP or paying for security patches. FedEx seems to be the only thing hit.

    https://en.wikipedia.org/wiki/...

    Then again the NSA developed the exploit it used

    https://en.wikipedia.org/wiki/...

    So perhaps they made sure US stuff was patched.

    Still how many times have you gone into some dodgy organisation like the NHS or FedEx which would cause deaths if it shut down and seen machines running very old versions of Windows? And of course it's not out of the question for the people who did WannaCry to buy some zero days for newer versions of Windows on the black market or even discover them themselves. After all if you watch the CCC videos there are clearly loads of possibilities out there.

    If WannaCry had been able to target more modern versions of Windows with a zero day, the results would have been much worse.

    So I reckon the NSA and GCHQ are paying attention now.

    Basically open societies have loads of insecure computers. People in a closed society have lots of time to find backdoors. Living in a closed society doesn't make you dumb and smart people in one would know some sort of cyberweapon to strike down enemies of the regime is the way to a privileged life.

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  17. Re:How dumb do you have to be to do this? by AHuxley · · Score: 1

    With NATO distracted by looking for Russian bear in forests, people think the security services in NATO can't still collect it all domestically.

    --
    Domestic spying is now "Benign Information Gathering"
  18. Re:....and? by AHuxley · · Score: 1

    Re "use that access?" in some fictional way?
    If someone was thinking of a fictional movie script and what to do with control of CCTV looking at and into every US gov, court building?
    Get CCTV from all US federal, city and court buildings 24/7.
    The face, face of passenger licence plate of every DoJ, other federal agency, state/city police officer, city investigation, court worker, state/federal funded task force member, police informant, undercover police officer.

    Police and security will do field interview if they see DSLR near their building.
    They just don't think all the city, private sector CCTV could be used to track all law enforcement officials because that software and hardware is so gov/mil restricted.
    Bonus if can get voice print and cell phone details too :)
    That would make a great fictional movie plot. Building security always watch for stranger with DSLR not what all the CCTV can see. CCTV is always used by good people.

    --
    Domestic spying is now "Benign Information Gathering"
  19. So let me guess by Plumpaquatsch · · Score: 1

    Next claim by Trumpists will be that those hackers faked all the photos that made it look like there weren't 2 million people at the inauguration.

    --
    Of course news about a fake are Fake News.