
The Most Notorious Cybercrooks Of 2011 -- And How They Got Caught

A torrent of attacks from groups like Anonymous, LulzSec, Goatse Security, and Antisec has made it a busy year for cybercrime investigators.

5. Anonymous' Inside Man at AT&T: Lance Moore
Former AT&T Mobility contractor Lance Moore allegedly handed over to Anonymous tens of thousands of phone numbers, confidential server names with IP addresses, usernames and passwords to log in to them, plus corporate emails, presentation documents, and intellectual property that was used by the LulzSec/Antisec movement in a public data dump this summer. According to his indictment soon thereafter, his misdeeds were discovered through the robust network auditing and log management run by his employer. AT&T was able to use its various logging and intelligence capabilities to tie an AT&T VPN connection that was used to upload documents to FileApe.com to unauthorized access to sensitive information made at the same time. The IP address used was assigned to a group of fewer than 20 contractors, and further investigation by security staff showed that Moore's account was the only one used to access both FileApe and the servers with the stolen digital goods. What's more, Web monitoring software showed that he used his account to search on Google for information on uploading files and file hosting.
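
The correlation described above can be sketched as a join between Web proxy logs and server access logs. This is an added example, not code from the article or from AT&T; the log layout, account names, server names, IP address, and 30-minute window are all assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FILE_HOSTS = {"fileape.com"}                    # file-hosting site named in the article
SENSITIVE = {"srv-a.example", "srv-b.example"}  # hypothetical server names
WINDOW = timedelta(minutes=30)                  # assumed correlation window

def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

# Constructed sample logs; one shared VPN address stands in for the contractor pool.
PROXY_LOG = [  # (time, source IP, account, destination host)
    (ts("2011-01-01 14:02"), "10.8.0.5", "contractor03", "google.com"),
    (ts("2011-01-01 14:20"), "10.8.0.5", "contractor07", "fileape.com"),
    (ts("2011-01-01 16:45"), "10.8.0.5", "contractor11", "fileape.com"),
]
ACCESS_LOG = [  # (time, account, server)
    (ts("2011-01-01 09:00"), "contractor07", "srv-b.example"),
    (ts("2011-01-01 14:05"), "contractor07", "srv-a.example"),
    (ts("2011-01-01 14:10"), "contractor03", "srv-b.example"),
    (ts("2011-01-01 16:40"), "contractor11", "wiki.example"),
]

def correlate(proxy_log, access_log, pool_ip):
    """Map each account on pool_ip to (server, access time, upload time) tuples
    where a sensitive-server access falls within WINDOW of a file-host upload."""
    uploads = defaultdict(list)
    for when, ip, account, host in proxy_log:
        if ip == pool_ip and host in FILE_HOSTS:
            uploads[account].append(when)
    hits = defaultdict(list)
    for when, account, server in access_log:
        if server not in SENSITIVE:
            continue
        for uploaded in uploads.get(account, []):
            if abs(uploaded - when) <= WINDOW:
                hits[account].append((server, when, uploaded))
    return dict(hits)

if __name__ == "__main__":
    for account, events in correlate(PROXY_LOG, ACCESS_LOG, "10.8.0.5").items():
        for server, accessed, uploaded in events:
            print(f"{account}: {server} at {accessed}, upload at {uploaded}")
```

Only the account that appears in both data sets inside the window is returned; accounts that only uploaded, or only touched a sensitive server, drop out, which is how a shared IP address narrows to a single user.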

6. Apple iPad Snoop: Andrew Auernheimer
Authorities indicted Andrew Auernheimer (a.k.a. "weev"), a vocal member of Goatse Security, for his involvement in exposing a flaw in AT&T's Web security that the group used to acquire 114,000 email addresses belonging to iPad users, including notable celebrities, politicians, and businesspeople. The attack was carried out when Auernheimer and Goatse hackers realized they could trick the site into offering up the email address of iPad users if they sent an HTTP request that included the SIM card serial number for the corresponding device. Simply guessing serial numbers -- a task made easy by the fact that they were generated sequentially during manufacturing -- generated tons of sensitive addresses. Auernheimer and Goatse released details about the attacks to Gawker Media, and shortly thereafter the FBI arrested Auernheimer in connection with the breach.

7. Celebrity Hackerazzi: Christopher Chaney
Celebrity-obsessed hacker Christopher Chaney took cyberstalking to a new level when he used publicly available information from celebrity blog sites to help him guess passwords to hack Google and Yahoo emails owned by 50 different stars, including Scarlett Johansson, Mila Kunis, and Christina Aguilera. Using his access, he set up email forwarding to send himself all email received by each celebrity. Chaney was responsible for the release of nude Scarlett Johansson photos that circulated on the Internet. Though FBI investigators did not release the details of exactly how they managed to track Chaney down, they did report that they were piecing the details together during an 11-month investigation they dubbed "Operation Hackerazzi."

8. Gucci Hacker: Sam Chihlung Yin
Fired after being accused of selling stolen Gucci shoes and bags on the Asian gray market, the former Gucci IT employee allegedly managed to set up a VPN token using a bogus employee name on his way out the door. A forensics investigation found that after he left the job, he called the company's IT department posing as the fake employee to get his former co-workers to activate the fob, and from there he used that access to perpetrate digital mayhem, deleting servers, destroying storage setups, and wiping employee mailboxes -- essentially cutting off employee access to files and email across the U.S. for nearly an entire business day.
