Tag Archives: Hacking

Top: The Luas homepage this morning; a threat which appeared on the homepage earlier today; and tweets from the Luas account

RTE reports:

The website of Dublin’s tram service is offline with a message claiming it has been hacked.

Users trying to access luas.ie are seeing a message which threatens to “publish all data and send emails to your users” unless “1 bitcoin” is paid in five days.

One bitcoin is currently valued at €3,385.

Luas said on Twitter that it has technicians working on the issue and travel updates will be made on its Twitter account.

Anyone?

Luas website offline after being compromised; message threatens release of data (RTE)

Screen Shot 2015-10-12 at 09.32.14

Anonymous writes:

A friendly warning to be vigilant against hacking from the large multinational I work for. Am I too sensitive after Super Sunday or could the link at number two be construed as slightly offensive??

Anyone?

BROOKS-COULSON_2719672b

 

Ew.

Rebekah Brooks and Andy Coulson had six-year affair, phone-hacking jury told (Guardian)

Meanwhile…

 

News of the World staff ‘hacked Mail on Sunday’s phones in bid for scoop’ (Lisa O’Carroll, The Guardian)

(PA)

00076f11-64200076f10-642(Students Darren Martyn (top) and Donncha O Cearrbhail,above left).

Justice Ryan  adjourned the case until October to let them each bring €5,000 to court to pay for the damage to the Fine Gael site. She also asked the Probation Service to prepare a restorative justice report on the hackers.

This can involve a meeting between the offender and the victim to discuss the impact of the crime as well as a letter of apology and an action plan of activities.

The judge indicated that if the money is paid and the report is positive, the Probation Act would be applied which would see the students spared custodial sentences and criminal records.

Students admit hacking FG website before election (irish Times)

Seriously Sam writes:

Am I the only one who is disgusted at Fine Gael pushing this one through the courts where they claim it cost 10k to put back up their crappy site and are making these kids pay 5k each, and go through humiliating apology letters crapola?
Hacking = bad. Agreed.
But small stunt and overreacting establishment using the FBI (FFS!) to track down some young folks for embarrassing the establishment….

 

Microsoft – like most other proprietary tech manufacturers –  is very careful to ensure that your XBox only runs Microsoft approved software, but not so avid when it comes to protecting your personal information.

Ashley Podhradsky is one of a group of researchers at Philadelphia’s Drexel University that recently made an interesting discovery:

Podhradsky, along with colleagues Rob D’Ovidio and Cindy Casey at Drexel and Pat Engebretson at Dakota State University, bought a refurbished Xbox 360 from a Microsoft-authorized retailer last year. They downloaded a basic modding tool and used it to crack open the gaming console, giving them access to its files and folders. After some work, they were able to identify and extract the original owner’s credit card information.

We reached out to Microsoft for comment on this issue, but as of press time, they have not yet responded.

Podhradsky isn’t even a gamer, she says. For seasoned modders and hackers, the process might be even easier.
“A lot of them already know how to do all this,” she said. “Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone’s identity.”

…”I think Microsoft has a longstanding pattern of this,” Podhradsky said. “When you go and reformat your computer, like a Windows system, it tells you that all of your data will be erased. In actuality that’s not accurate—the data is still available… so when Microsoft tells you that you’re resetting something, it’s not accurate. There’s a lot more that needs to be done.”

Hackers Can Steal Credit Card Information From Your Old Xbox, Experts Tell Us (Kotaku)

boingboing/pic

We understand Darren Martyn (above), 25 (according to court papers but looking considerably younger in his Facebook picture above), from Co Galway who has been charged with two counts of ‘computer hacking conspiracy’, last night wrote, under his alias Infodox, to Boards.ie about his arrest:

Knew it would come out eventually… Feck. Oh well… I suppose one cannot hide forever from their past. I had gone kinda-whitehat just a small bit before my arrest, and since my arrest have worked to try “rehabilitate” self by contributing as much as I can to the open source/security community while I remain at liberty to do so. We *really* were not too bright (oh, the wonders of hindsight) and I have been regretting it since *before* I got caught. As I have said in the past – going blackhat is probably the most stupid thing you can do. I had to learn that the hard way.
Funny fact: Topiary suspected Sabu was a narc, ‘cos he vanished for a while and when he came back he *never* owned another box. He just did the shouty thing.

 

We wish him the best.

Infodox (Boards.ie)

Whitehat?

After Hacker Arrests, an Attack on the Vatican and a Growing Anxiety (New York Times)

Earlier: FBI: “Garda Blunder” Led To LulzSec Conference Call Leak

 

httpv://www.youtube.com/watch?v=pl3spwzUZfQAn Irish police officer’s email blunder led to the spectacular leak of a sensitive conference call between the FBI and Scotland Yard, US Law enforcement said..
An indictment unsealed in a New York court alleges that a teenager linked to the Lulz Security group of hackers was able to eavesdrop on the call after an unnamed officer with Ireland’s national police force forwarded a work message to his insecure personal email account.
The email, which apparently originated from the FBI’s Timothy Lauster, invited dozens of law enforcement officers from across Europe and the United States to coordinate their efforts against LulzSec and its amorphous umbrella group, Anonymous.
The FBI’s indictment said that 18-year-old [first year Trinity College student] Donncha O’Cearrbhaill (above) intercepted the email and used the information in it to access and secretly record the Jan. 17 call, which hackers subsequently broadcast (video above) across the Internet.

FBI: Irish Misstep Led to Conference Call Leak (Associated Press)

How The Leak Happened:

 At some point in December 2011 or January 2012, two Garda officers  had their personal Gmail accounts compromised by a hacker. No big deal from a security perspective—except that one of the officers “routinely sent e-mail messages from an official Garda e-mail account to one of the Compromised Gmail Accounts,” according to the FBI warrant.

The hacker monitored the Gmail account for weeks. During the month of January alone, Google’s records show that he accessed the compromised accounts 146 times through a VPN called Perfect Privacy. At some point, he saw an e-mailed invitation for a conference call related to Anonymous, and he pounced.

Using the name “anonsacco,” the hacker then entered a private Anonymous IRC chatroom called “#sunnydays” and spoke to the government source tagged only as “CW” in the FBI affidavit today. (CW appears to have been “Sabu,” a notorious Anonymous/LulzSec hacker who had in fact been arrested in June 2011 and then turned into an FBI informant)

Anonsacco opened the dialogue with CW by saying, “Hi mate. Could I ask you for help? I need to intercept the conference call which would be a very good leak. I have acquired info about the time, phone number, and pin number for the conference call. I just don’t have a good VOIP setup for actually calling in to record it… If you could help me, I am happy to leak the call to you solely. I guarantee it will be of interest!!!”

On January 17, using login details in the e-mail, anonsacco joined and recorded the conference call.

On January 28, anonsacco was back in IRC with an offer to share the recording he had made. “I think we need to hype it up,” he wrote. “Let the feds think we’ve been recording the calls. They will be paranoid that none of their communications methods are safe or secure from Anon.” (The Twitter account “AnonymousIRC” took the advice to heart, tweeting, “The #FBI might be curious how we’re able to continuously read their internal comms for some time now. #OpInfiltration”)

Anonsacco then used an online file-sharing service to send a copy of the recording to CW. It was later uploaded to YouTube by someone else, where it was viewable by the public.

Perhaps the most surprising revelation in the affidavit is that anonsacco/palladium had a history with the police. He had actually been picked up by the Garda on September 1, 2011 in conjunction with another hack. (He later told CW that he had been “v&” or “vanned” by the police, and he expressed surprise that the police showed him detailed transcripts of his conversations.) He was released after his arrest, however, and promptly went back out and infiltrated Garda e-mail accounts. On January 9, 2012, he even boasted to CW that he had “just got into the iCloud [account] for the head of a national police cyber crime unit. I have all his contacts and can track his location 24/7.”

FBI names, Arrests Anon who Infiltrated Its Secret Conference Call (Arstechnica)

If extradited O’Cearbhaill, a socialist activist whose father is independent Offaly county councillor John Carroll, faces a potential ten years in US prison for the first, “computer conspiracy” charge and five years for the “unlawfully intercepted wire communication” charge. The potential penalty in the Irish jurisdiction for cyber crimes in unclear.

Attempts to contact O’Cearbhaill, who is Head of Research at digital marketing company Emarkable, proved unsuccessful. A family member informed the University Times that he remains in Garda custody in Terenure and his computer and phone have been seized. Trinity College Communications Office had “no comment to make” on the matter. The University Times understands that O’Cearbhaill was arrested near to his Halls home [yesterday] morning.

Trinity Student Arrested in FBI Hacking Probe (Rónán Burtenshaw, University Times)

A software developer and amateur hacker has claimed the existence of exploits for wireless routers currently used by Eircom that theoretically would allow hackers who know what they are doing to break into their neighbours’ wireless networks.

In a blog published this morning, software developer Ross Canpolet referred to an exploit called RouterPWN v:1.3.138 that allows several methods of hacking routers and modems, such as Eircom’s popular ZyXEL P-660.

“I can confirm that the ZyXEL p-660HW-T1 v3 model running v3.70 (BOE.2) D0 | 03/01/2010 can be targeted and exploited,” Canpolet wrote.

Canpolet confirmed to Siliconrepublic.com that he has warned Eircom of the issue so that the operator can fix it.

Hacker Claims Most DSL Modems In Ireland Can Be Hacked (Silicon Republic)