Friday, June 20, 2008

Quote of the day

Quote of the day

Honesty & Clarity –

Honesty does not mean simply speaking your mind. Honesty means to be very clear about everything going on inside you. Where there is honesty, feelings become pure and clean. Honesty is where there are no other thoughts or feelings inside, other than those that God himself would have. Such clarity is reflected in your words; they will be filled with the power of truth, and spoken with ease and without hesitation. The genuine honesty cultivated within you is what will reach out and touch others.

New IT Term of the day

New IT Term of the day

PIX Firewall

Short for Private Internet Exchange Firewall, a firewall protection technology developed by Cisco Systems.

Olympic technical rehearsal called a success

TR2 : Olympic technical rehearsal called a success

Steven Schwankert

IDG News Service

June 19, 2008


The second of two technical rehearsals for the 2008 Beijing Olympic Games was declared a success Thursday by Beijing Olympic technology officials and Olympic systems integrator Atos Origin.

Unlike the first test in April, the June 11-13 trial was a full-scale rehearsal, testing communications and systems involving all 31 Olympic venues in Beijing, along with venues in other cities, including sailing in Qingdao, equestrian events in Hong Kong and soccer in Shanghai, Shenyang and Qinhuangdao.

The rehearsal, known as TR2 (Technical Rehearsal 2), simulated all the events held on Aug. 13, 16 and 21, the busiest days of the Games in terms of the number of different contests and venues in various parts of China. About 500 scenarios -- including power failures, food poisoning affecting staff, server failures and unauthorized network connections -- were thrown at 2,500 staff members during the test.

About 80% of the scenarios were based on problems that have arisen at previous Olympics, said Jeremy Hore, Atos' chief technology integrator, in an interview during TR2. He said the rehearsal was focused on staff operations: "If there was a situation, would we be prepared? Operationally, are we ready or not?"

Hore said that problems ranged from simple requests, like adding a phone line at a venue, to more complex issues, like a power failure.

Teams at each venue are trained to deal with issues first and handle them independently, especially any smaller problems. However, if a larger problem occurs, then the Technical Operations Center (TOC) at the Digital Headquarters in the Olympic Park is alerted. It generates an electronic ticket indicating that there is a problem, and the ticket is logged by a technician who then initiates a response, Hore said.

Problems are assigned at the TOC based on their requirements, such as networking, administration and Windows.

Hore said that communications -- specifically language issues -- were revealed during TR1. "Who do I communicate to? How do I provide assistance? How do I log the ticket? Who do I call?" were among the issues Hore wanted to tune up after the first rehearsal.

Also, problems may involve not only the venue and the TOC, but other parties as well, such as the media or a particular sports governing body.

One complex problem relates to the disqualification of an athlete. A sport's governing body must first notify the other relevant parties, including the IT team, that they have authorized the disqualification. The results for the event must then be regenerated, and may affect medal awards and medal counts. All media outlets must then be notified, and all databases must be updated to reflect the new results.

However, just as not even a world championship can be a warm-up for the Olympics, TR2 is small scale compared with the actual event. The Games will utilize 4,000 IT personnel over 16 days, with 24-hour staffing of the TOC beginning in mid-July.

Hore said that any problems still not resolved during TR2 will be fine-tuned during the remaining weeks before the Games begin.

"It doesn't mean I'm not stressed, but I still sleep. If I don't sleep now, then I'll be dead by the time the Games arrive," he said.

UK Gov claims 'password protection' PC is safe!!!

JUST LAUGH : UK Gov claims 'password protection' PC is safe!!!

By Joe Fay

18th June 2008


The government sent the security industry into gales of laughter today when it insisted that sensitive documents on Hazel Blears’ missing PC are quite safe, as the machine is “password protected”.

The gov’s soothing words came amid speculation on what formal action, if any, communities and local government secretary Blears will face, as her department admitted the missing machine included files which should never have been there in the first place.

Meanwhile, it emerged that contrary to initial reports, the missing PC wasn’t a laptop but a desktop. So not only was sensitive information wrongly downloaded, it was downloaded to a machine that by definition would have spent its days in Salford, rather than being kept close to the minister’s side.

And even though the machine was in an alarmed room, and according to government spokespeople security staff were there in minutes, the light fingered constituent was still able to slip out of the building with an armful of PC without being collared.

According to The Evening Standard, government ministers can download sensitive materials to special, secured laptops. However, the paper reported, the machine in question was not one of these.

As of yesterday afternoon anyway, Number Ten was fighting shy of heaping blame on Blears, with the prime minister’s spokesman refusing to comment on what was on the PC and whether any of the files on it should never have made their way out of Whitehall.

Number Ten was still examining the matter, he said, and couldn’t comment as to whether there had been any breach of procedures. The spokesman also refused to speculate on what action might be taken against Hazel Blears.

However, by yesterday evening, Blears’ own civil servants had admitted that there was more on the PC than there should have been.

Communities and Local Government Permanent Secretary Peter Housden said, in a statement: "It is clear that papers have been sent to Hazel Blears in a way that is not fully consistent with the departmental guidance."

However, Housden insisted “no damage” had been done and added: "The computer was password-protected.”

It is that last statement which will have security professionals in tears since cracking a password, as opposed to cracking an encrypted PC, is considered a trivial task.

Gordon Brown’s spokesman said yesterday that the PM had told the cabinet yesterday morning to remind staff of “the importance of enforcing procedures on the treatment of sensitive information”. We’re hoping that is a diplomatic way of saying Brown tore strips off the captains of a fleet of increasingly leaky ships.

In the meantime, the government might do worse than despatch a crack MI5 team down to Waterloo Station to scour the trains post rush hour, as this seems to be the main clearing house for sensitive government information these days.

Swedish Parliament Passes surveillance law

ORWELL : Swedish Parliament Passes surveillance law

18 Jun 2008


Swedish lawmakers voted late on Wednesday in favour of a controversial bill allowing all emails and phone calls to be monitored in the name of national security.

The vote, one of the most divisive in Sweden in recent years, had initially been scheduled for early Wednesday but was postponed after more than one-third of MPs voted to send the bill back to parliament's defence committee "for further preparation."

After the committee required that the centre-right government safeguard individual rights further in an annex to the law to be voted on in the autumn, the bill narrowly passed with 143 votes in favour, 138 opposed and one parliamentarian abstaining.

Critics have slammed the proposal as an attack on civil liberties that would create a "big brother" state, while supporters say it is necessary to protect the country from foreign threats.

The new law, set to take effect on January 1st, 2009, will enable the National Defence Radio Establishment (FRA) -- a civilian agency despite its name -- to tap all cross-border Internet and telephone communication.

But although the government said only cross-border communications would be monitored, all communications risk getting caught in the net since some internet servers are located abroad and FRA would need to check all emails to determine whether they have crossed the border.

Under the current law, FRA is only allowed to monitor military radio communications.

The Defence Ministry, which hammered out the proposal, insists the new legislation is necessary in today's changed world, where communications are increasingly transmitted through fibre-optic cables.

The government holds a slim seven-seat majority in parliament, and with the left-wing opposition vehemently opposed to the proposal, just four "no" votes within the coalition could have sunk it.

A number of the coalition members had voiced deep concern about the bill before Wednesday's revision was made, while opponents in parliament, along with hundreds of demonstrators gathered outside the building, faced a nervy wait for the result.

"This law is rotten to the core. (It) is about violating integrity. Regardless of what words they use, it will do exactly that," one of the demonstrators, 32-year-old Magdalena Berg from Gothenburg, told Swedish public radio.

Critics of the new law, including human rights activists, journalists, lawyers and even the former head of the Swedish intelligence agency Säpo, had before Wednesday's revision argued that it did not go far enough in safeguarding individual rights.

Unlike police, FRA will, for instance, not be required to seek a court order to begin surveillance.

The government on Wednesday insisted it had addressed these concerns with the last-minute revisions to the law that among other things added further independent and parliamentary controls to FRA's work.

Former Säpo chief Anders Eriksson, who currently heads up the Swedish Commission on Security and Integrity Protection, was not impressed.

"I think the law needs to be re-written. It is not enough to create a few checks and balances ... It is the law itself there is something wrong with," he told Swedish radio before the vote.

Thousands hit in ATM scam in Canada

CRIME FACTORY : Thousands hit in ATM scam in Canada

Eight people face a total of 101 charges in scheme that spread across Toronto, York, Peel


The Globe and Mail

June 19, 2008


Thousands of bank customers have been defrauded of millions of dollars in one of the most elaborate automatic-teller theft operations ever seen in the Toronto area, police said yesterday, announcing multiple arrests and the dismantling of a network of what they termed "debit-card labs."

Dozens of bank machines were compromised - possibly more - and investigators are still trying to assess the scope of the mass ripoff, said Staff Inspector Steve Harris of the Toronto fraud squad.

The scam involved surreptitiously recording customers' debit-card data as they did their banking and then transferring it to assorted types of phony, custom-modified cards being churned out in at least three different locations.

"I wouldn't say it's easy, it takes sophistication and you have to have the right equipment," Staff Insp. Harris said. "But this particular gang was sophisticated."

Eight people face a total of 101 charges, mostly fraud-related, in a scheme police say was spread across Toronto, York Region and Peel Region.

One of the counterfeit-card labs was in a large industrial complex in York. A second was in a Toronto apartment. A third was discovered in a car.

The scam was far from unique. Canadians are among the world's most prolific users of debit cards, and last year, thieves defrauded roughly 159,000 card holders of more than $100-million, statistics compiled by the Interac Association show. (As with credit-card theft, the losses are almost always picked up by the financial institution.)

This operation, however, displayed particular finesse.

After six weeks of surveillance and other covert work, the joint-forces investigation netted $120,000 in cash, skimmers, card readers, cameras, embossers, moulding machines, and other hardware.

And while all the major banks appear to have been hit, until experts have examined the 40 computers that were also seized, they won't know how many customers were defrauded.

"It's going to be thousands and thousands," Staff Insp. Harris said. As to the number of compromised bank machines, "I'd start with dozens, but that may expand."

Debit-card theft entails stealing and marrying up two sets of details: the data in the car's magnetic stripe and the user's PIN - personal identification number.

In this instance, the primary target was high-volume, 24-hour teller machines in satellite locations rather than on bank premises.

As lookouts kept watch, police said, the thieves were able in a matter of minutes to install near-invisible pinhole cameras in and around the ATM booths.

Simultaneously, they would insert plastic overlays over the machine's card-reader, containing reading equipment that would relay the data to a remote storage device.

The data would then be transferred on to all types of cards, new and discarded. Cards originating from outlets as diverse as Wal-Mart, Royal Bank, CIBC, Old Navy, Starbucks and Toys "R" Us were seized in the police raids.

Even long-discarded hotel-room cards can be custom-fitted with the data needed to drain or deplete a bank account.

"These were pretty much start-to-finish labs," Detective Ian Nichol said. "Anything with a magnetic stripe can ultimately be adapted for that use."

Police would not disclose the locations of the ATMs that were tampered with, but said the investigation was triggered when bank authorities began noticing unusually high levels of cash withdrawals.

Wednesday, June 18, 2008

Quote of the Day

Quote of the day

I went in search of a bad person; I found none as I, seeing myself, found me the worst.

Sant Kabir, Poet of India

New IT Term of the day

New IT Term of the day

ping of death

A type of DoS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting the packet into smaller segments that are eventually reassembled. Attacks took advantage of this flaw by fragmenting packets that when received would total more than the allowed number of bytes and would effectively cause a buffer overload on the operating system at the receiving end, crashing the system.

Ping of death attacks are rare today as most operating systems have been fixed to prevent this type of attack from occurring.

Malware not man blamed in child porn download case

LAW : Malware not man blamed in child porn download case

By John Leyden

16th June 2008


A Department of Industrial Accidents investigator has been cleared of child porn possession charges after a forensic investigation revealed that malware was to blame for depraved smut on his company laptop.

Michael Fiola, 53, of Rhode Island, went through a massive ordeal after images of child abuse were discovered on a replacement machine he received in November 2006, following a laptop theft. He lost his job in March 2007 after an internal investigation, prompted by a Verizon wireless bill four times higher than his colleague, unearthed the suspicious content. Fiola had worked for the agency investigating workers' compensation fraud for seven years prior to his dismissal.

The case was forwarded onto the authorities who filed a criminal complaint in August 2007.

But subsequent forensic investigation discovered that malware was responsible for silently downloading images of pre-pubescent kids onto the machine. Computer experts hired by both the defence and prosecution agreed with this analysis.

Computer forensic analyst Tami Loehrs said that malware surreptitiously served up pre-teen pornographic images onto the machine without the awareness of its user. Loehrs described the case as "one of the most horrific" she'd ever dealt with.

In her report to the court, Loehrs said "the laptop was compromised by numerous viruses and trojans, and may have been hacked by outside sources."

All the offending images were loaded into locations reserved for cached web pages. Crucially there was no sign that any user had viewed or attempted to access this content.

“There is no evidence to support the claim that Michael Fiola was responsible for any of the pornographic activity,” Loehrs wrote.

Two computer forensic experts hired by the prosecution came back with the same conclusion.

"The overall forensics of the laptop suggest that it had been compromised by a virus," said Jake Wark, spokesman for Suffolk District Attorney Daniel Conley.

The case against Fiola has been dropped, but he still wants his day in court following months of hell when friends turned against him, leaving his faithful wife Robin as his only supporter. Fiola, described by his wife as "computer-illiterate", intends to sue his former employers over their actions in the case.

DIA spokeswoman Linnea Walsh said that the agency stood by its handling of the case.

Fiola’s lawyer Timothy Bradl criticised this stance: "Imagine this scenario: Your employer gives you a ticking time bomb full of child porn, and then you get fired, and then you get prosecuted as some kind of freak," he said.

Technology can't work without good operational backup

VIEW : Technology can't work without good operational backup

Lack of engagement between IT and business reduces the effectiveness of technology

Security needs much more than technology alone, says KPMG

Janie Davies


17 Jun 2008

Too much reliance on technology is causing security breaches, as IT managers are distracted from ensuring that operational procedures are effective, according to research by KPMG.

Sixty-eight per cent of executives say identity and access managemnt (IAM) projects are hindered because they focus too much on technology, neglecting the necessary organisational and procedural changes, the survey revealed.

Only 11 per cent are completely satisfied with the outcome of their IAM projects.

And the survey found that 50 per cent of IAM project failures are caused by lack of engagement between IT and the business.

Technology only plays a part in security, said Malcolm Marshall, partner at KPMG.

“The common misconception is that IAM is about dealing with 'user-ids' and 'passwords'," he said.

"IAM is 80 per cent process, policy and governance and 20 per cent technology. Recent control failures have shown that failing to get the governance of policies and process right can lead to serious security breaches.

“Frequently only the technical operation side of the system is considered," he added. "Failing to get buy in across the business for the non-IT changes these systems require is crucial.”

UK Security minister concerns risk of cyber-crime

CONCERN : UK Security minister concerns risk of cyber-crime

By Ash Dosanjh

17 Jun 2008


The UK government is taking action against state-sponsored cyber attacks, as well as individual hackers, according to Lord West.

The security minister addressed the House of Lords to tell them that the UK is the target for a “large number of attacks” and asserted that since the UK has become more connected, it faces greater challenges.

“There is no doubt that as we become more interconnected - as we are in terms of links to the internet, webs, and so on - we become more vulnerable,” said Lord West.

However, Lord West refused to specify on where and how the UK has been targets.

“There are a large number of attacks but it is not in the interests of national security to be specific about who has been attacked or when because that would give away techniques and skills.”

There a currently several defence mechanisms in place on the domestic front, according to Lord West. These include computer emergence response teams protection the public sector and the Centre for the Protection of National Infrastructure (CPNI) security response teams defending the private sector.

The national response to cyber attacks is currently co-ordinated by the Central Sponsor for Information Assurance, which is part of the Cabinet Office.

A spokesperson for the Home Office said that they would not discuss details of individual attacks but did confirm that the UK had been targeted.

“Electronic attacks have been directed at various organisations globally, including elements of out national infrastructure, for criminal and other purposes. They may emanate from many parts of the world and it can be unclear where responsibility lies.

“Such attacks involve unauthorised access to computers and networks, with the intent of stealing data or disrupting services. It is not in the interest of our national security to confirm or deny attacks against specific organisations.”

Back in March, Prime Minister Gordon Brown made a statement to the House of Commons in which he said that the “nature of the threats and the risks that we face have in recent decades changed beyond all recognition”.

In his ‘National Security Strategy’, Brown reported that there would be moves to secure the UK against cyber attacks. According to the PM the new CPNI, which was set up last year, will provide “a higher level of protection against internet-based threats”.

New DNS Trojan Hacks Home Routers

RISK : New DNS Trojan Hacks Home Routers

Researchers discover new variant of DNSChanger that changes DNS settings in home routers

By Kelly Jackson Higgins

Senior Editor, Dark Reading

JUNE 17, 2008


A newly discovered Trojan in the wild hacks into home wireless routers and changes their DNS settings to point to the attacker’s rogue DNS server. The malware is a new variant of the DNSChanger Trojan that has been circulating around the Internet, according to researchers at Secure Computing who have been studying it.

Home routers make easy prey because many users don’t lock them down, and even use their default passwords for authentication. There’s been plenty of research in this space over the past year, everything from drive-by hacks to botnet infections to DNS rebinding. (See Attackers Use New 'Call-Home' Method to Infiltrate Home Networks and RSA Session Features Live Linksys Router Hack and The Hack Your Home Router Challenge.)

Sven Krasser, director of data mining research for Secure Computing, says the new DNSChanger Trojan attack also indirectly infects any machine that connects to the router. “This is the first time we’ve seen on [a] wide basis that the computing resources of the wireless router are part of the attack,” he says. “It also [affects] machines that are not directly exploited -- ones that are connecting to the router.”

The Trojan executes brute-force attacks on the Web interface of a router that only uses basic authentication -- and it’s mostly going after D-Link and Linksys routers so far, according to Krasser.

Secure Computing says the attackers behind the malware are the infamous Zlob malware authors.

Krasser says the attackers can send a victim to any Website, and most times return the correct site back to the user to evade detection. Other times they redirect a user to their own spoofed pages, he says. He says phishing is a likely goal of the attackers.

He says it’s possible that attackers could kick the attack up a notch and add put their malcode onto the routers, such as zombie code. Secure Computing researchers have posted some screen shots and an analysis of the Trojan in their blog.

Never use default passwords in home routers, Krasser says, and keep it updated.

Monday, June 16, 2008

Quote of the day

Quote of the day

You see what power is -- holding someone else's fear in your hand and showing it to them!

Amy Tan

New IT Term of the day

New IT Term of the day


Closely related to hacking, using a computer or other device to trick a phone system. Typically, phreaking is used to make free calls or to have calls charged to a different account.

Data Breach Post Mortem Offers Surprises

ANALYSIS : Data Breach Post Mortem Offers Surprises

By Kim Zetter

June 13, 2008


A new report examining network data breaches from 500 forensic investigations involving 230 million compromised records has some surprising statistics.

Although it's long been thought that insiders proved to be a greater threat for companies than outsiders, the post mortem study shows that intruders outside an organization (whether they be criminal hackers or others) were the cause of 73 percent of breaches examined in the study. Only 18 percent of breaches were attributed to insiders (although when the culprit was an insider, the consequences of the breach were generally greater, exceeding the size of external breaches by ten to one).

Thirty-nine percent of attacks came from a privileged business partner -- a vendor, supplier, customer or contractor -- and were the fastest growing type, increasing fivefold over the course of the four-year study.

In the case of insider attacks, IT administrators were by far the biggest culprits, accounting for 50 percent of attacks, although in one case involving an insider, external hackers solicited an internal IT administrator to open a back door in his corporation's network to let them in.

The report speculates that the number of insiders involved in the cases might be small because insiders may be more adept at keeping their activities secret -- presumably because they know the system better and know its monitoring weaknesses.

The time it took to conduct an attack ranged from minutes to hours in almost half the cases. By contrast, it generally took organizations months or years to discover the breach. And once they did discover the breach, they were slow to respond. The report attributes this to the fact that most organizations still don't know how to respond to a breach.

In terms of the number of records compromised in attacks, the average breach involved about 1.2 million records. When it comes to median numbers broken down over types of breaches, internal breaches accounted for the greatest number of compromised records -- 375,000 compromised records as opposed to 30,000 for external attacks and 187,500 for trusted partner attacks.

Payment card data was the largest category of compromised records, accounting for 84 percent of the 230 million compromised records. The next largest category was personally identifiable data -- Social Security numbers, birth dates, and other types of data that can be used for identity theft. Intellectual property theft accounted for only 8 percent of compromised records.

In 66 percent of the breaches, the victim organization did not know that sensitive data involved in the breach was even on the computer system from which it was breached.

Some 85 percent of breaches were opportunistic, rather than targeted -- meaning the organization hadn't been specifically singled out for attack -- and in 75 percent of breaches the organization discovered it was breached only because a third party gave them information that made them realize they'd been breached (either someone noticed fraudulent activity with information that was traced back to a breach of the company or a hacker bragged that he had penetrated the organization).

Most significantly, only four percent of breaches were discovered through log analysis or some other systematic network monitoring method, suggesting that despite the fact that many companies have installed intrusion detection systems, few actually read the event logs on a regular basis or have a system for recognizing and acting on what they find in logs.

In at least 62 percent of breaches a significant error or act of omission on the company's part (such as a system misconfiguration or failure to comply with processes or standards) contributed to the breach.

Surprisingly, only about 23 percent of breaches involved the attacker exploiting an application, operating system or service vulnerability. Of the cases involving a known vulnerability, 90 percent of the vulnerabilities had patches available for at least six months prior to the breach, which had not been applied.

Eighty-seven percent of attacks could have been avoided if reasonable security measures had been in place.

The report was compiled by Verizon's Business Risk Team from more than 500 investigations between 2004 and 2007 that its forensic team investigated. The largest number of cases involved retail and food and beverage companies -- the easiest to breach.

Note that numbers in the report summary don't always seem to match numbers in the report itself. This is because the summary report combines numbers in some cases or defines the numbers slightly differently than the report itself defines them.

Download report at - http://blog.wired.com/27bstroke6/files/databreachreport.pdf

More villains turn to e-crime

EASY CRIME : More villains turn to e-crime

Lower detection rates and ease of execution make e-crime attractive

Ambrose McNevin,


12 Jun 2008


Drugs gangs and armed robbers are turning to e-crime, as it is much harder to detect and the chances of being caught are much lower.

The world of e-crime has become low-tech, according to presentations to this week’s e-crime summit in Newport, Wales.

“It used to be considered that e-crime was high-tech crime but now there are much lower barriers to entry and, being very innovative, criminals have moved from armed robbery to drugs and are now exploring opportunities in e-crime,” Chris Corcoran, chief superintendent of North Wales Police and chairman of the e-Crime Wales Steering Group, told Computing.

Corcoran said that the police have been overwhelmed by this shift, and are now having to play catch-up. “The realisation is that e-crime is an everyday crime. There was a time when well-educated, IT-literate hackers were considered to be e-criminals but it has become easier to commit these crimes,” he said.

“It is now a very broad market covering everything from denial of service and phishing attacks to the sale of stolen goods on auction sites.”

So-called ethical hacker Jason Hart, a director at security company Cryptocard, said: “Wherever you are in the world people are talking about e-crime, but few are doing enough to protect themselves from it. Those in business need to understand how vulnerable the vast majority of them are from rudimentary attacks, and how frequently they take place.

“Most importantly, they need to understand that effective remedies to these issues do not need to be complicated, expensive or technically complex.”

In Wales last year e-crime is estimated to have cost £294m, and figures from The European Network Information Security Agency (Enisa) showed six million computers in the European Union are infected by ­ and connected to ­ botnets and spam. This is said to be costing businesses €65bn (£51bn).

Wales intends to make itself the destination of choice for inward investment and as a location of safe business through its efforts to counter e-crime, which include the appointment of e-crime specialists at each of the four Welsh police forces.

This week also saw the launch of the Information Security Awareness Forum (ISAF) web site which aims to educate businesses on the risks of e-crime.

16-year-old ruled cyber fraud gang from Mumbai

MAFIA : 16-year-old ruled cyber fraud gang from Mumbai

15 Jun 2008

Parth Shastri,TNN


AHMEDABAD: Ajay is 16 and studies in Class X. But let him loose in cyberspace and he's a millionnaire, leaving hundreds of credit card holders broke across the globe.

Ajay was picked up from Mumbai on Thursday and detained by the Gujarat police in a hacking case that left them baffled with its global spread.

This St Ann's student from Mulund has mastered the ability to hack online shopping websites and channel the money paid by cyber buyers into his own account.

The racket surfaced when Ahmedabad crime branch sleuths were investigating a case of hacking of a popular online shopping site and arrested three boys in the city. They turned out to be part of Ajay’s gang.

Probe has revealed that his network spreads across Mumbai, Hyderabad, Bangalore and Ahmedabad. His mentors live in the US, Vietnam and other countries.

Ajay, the son of an employee of a textile firm, would give instructions to Wahid Khan, a resident of Kalupur, and Shahid Khan and Haadi Ghoghai of Juhapura, both in Ahmedabad, until they were arrested on Thursday. Ajay had taught them to create fake accounts and crack into others’ credit card accounts to make big bucks.

His prowess in hacking high-security and government websites let Ajay into a hacking community, which gave him access to a huge database of credit card Customer Verification Value (CVV) numbers of prominent banks across the globe.

Ajay’s tools included his laptop, a communicator and a cellphone. But, police say, Ajay’s PC has no data and he has covered his tracks.

All the evidence available is from Shahid Khan’s laptop which has folders and files that hide cracked passwords and the IP addresses of internet domains that were hacked into for fraudulent financial transactions.

Ajay got in touch with online fraudsters during gaming and was hooked fast. He has told the police that after connecting with international hackers in the US, Vietnam, and other countries, he spent over 15 hours a day on the computer trying to figure out how it worked.

“He has a database of over 4,000 international credit cardholders, their CVV numbers and expiry dates,’ said a senior crime branch official.

He fooled the cyber police by using proxy servers for illegal transactions. “After making money illegally at the online shopping giant’s expense for over four months, he got in touch with Shahid Khan and Wahid Khan in Ahmedabad and let them into some secrets of the fraud,’’ said the official.

(Some names have been changed to protect identities.)

(Ajay and other looks like small parts of bigger Crime Syndicates. The methodologies indicate towards professional training by organized crime groups. They must be interrogated and punished as a message to others – Editor).

Jail sentence for botnet creator

PUNISHED : Jail sentence for botnet creator




A hacker who hijacked hundreds of PCs to create a botnet has been sentenced to 41 months in jail by a US court.

Robert Matthew Bentley of Panama City, Florida also faces $65,000 (£33,000) in fines and will be under supervision for three years on his release.

The hijacked PCs were used to attack other computers and install programs that plagued users with pop-up adverts.

He was caught following an investigation by the Metropolitan Police's Computer Crime Unit (CCU).

Hack attack

The investigation began in December 2006 after marketing firm Newell Rubbermaid notified the CCU about an intrusion on its network.

The trail led the investigators to Florida where Mr Bentley was using computers to co-ordinate attacks.

He and his accomplices drove so much data through the hijacked Rubbermaid machines that it almost brought the firm's network to a halt. The damage cost $150,000 (£77,000) to put right.

Aiding the investigation were the US Secret Service, FBI, security firm Sophos and other law enforcement agencies.

A botnet is a collection of computers under the remote control of a malicious hacker who then uses them for their own purposes. Most spam or junk e-mail is thought to be routed through hijacked PCs.

The hacking team were paid for every machine on which they successfully installed the ad-serving software and, according to US Department of Justice, made thousands of dollars out of their series of attacks.

"These computer criminals have no qualms about infecting computers around the world and causing thousands of pounds of damages," said Bob Burls, from the Metropolitan Police Computer Crime Unit in a statement.

"In their greed, they cause devastating damage to both private and company computers."

This Day in History

Thanks for your Visit