Hi all,

I only joined this site to ask for help regarding an odd issue i've just heard about.

A friend of my brothers has had her internet connection hacked apparently.  She cannot go online at home and the hacker has called her repeatedly demanding £200 to reinstate her connection.  Personally i've never heard of this kind of thing happening to a home network but i'm not really up to speed regarding this kind of attack.

Apart from contacting the ISP and authorities, can anyone recommend a course of action?  (I'd really love to be able to wipe the smirk off the guys face!)

He called again at 0830 this morning to laugh at my brothers attempts to stop him.  I only got the news via txt and have been unable to contact my bro to find out exactly what he tried but I will post more details as I obtain them.

Thanks to any and all who have advice on this.

Hi Yuck,

I've been trying to find out if she has contacted the police etc but at present i've had no luck getting in touch.

The reason i posted here was BECAUSE the site is called Ethicalhacker.net.  I was hoping someone with a decent level of morality and ethical standards would be able to assist in derailing the perpetrators attempts to extort a single mother.

Thank you for the reply and i'll try to explore other avenues in the meantime.

Cheers.

Hey Yuck,

I don't want to fight fire with fire, i'd love to sure, but i'm actually only interested in any tips or techniques to stop what is happening.

Sorry if I wasn't clear on that.  I can see from my original post that the comment in brackets would probably lead you to think I want advice on hacking back, but that's not the case.

I also realise I haven't really given you anything to go on as I have no more info myself atm.  I don't even know what kind of setup she has or how exactly this has come to pass.

I'll try to get the details and then perhaps I can ask here for advice on how to prevent further intrusions of this nature.

I'd be interested to know if anyone has heard of something like this happening before.  It seems sort of personal to me and a lot of trouble to goto for £200, especially if the police become involved regarding 'cybercrime' or extortion, i'm not even sure what this would be classed as.

Thank you again for your input Yuck

It should probably be claimed as extortion, but I haven't studied Cyber Law (yet).

Most likely, without more information on how the person is keeping her off line, and what services are affected I would guess guy has a proxy set up somewhere.

Start at the OS level. Have your brother download a copy of Ubuntu linux from home (or any other version of linux that can be ran from CD). Also print out a few sheets or take good notes on how to do some basic stuff. Like getting network configured.

See if that lets her on the internet.

If not, then move up to the next thing. check for a router or home access point. If possible pull that out of the mix. Using the computer running from the LiveCD, see if you an get on the internet.

If not, call the service provider and tell them about the problem and tell them to fix it or cancel the service and get something else.

Before new service is established, I would at the very least do a fresh install of the OS, and harden it (there are documents on the internet how to do that), and flash the router / access point.

You'll probably want to do that in any case. Don't trust and thing on the connection, and don't expose more boxes to it. Get everything remotely and then take them on CD (NOT RE-WRITEABLE), so they can't be messed with. Also if possible check the hash of the item downloaded so not to get bad versions.

My first thought about this was that maybe she had an unsecured wifi network, and the first step might be just hitting the reset button on the back. Or plugging the computer directly into the modem to see if it gets a connection that way.

Just a thought.

Edit: I don't recommend leaving the computer plugged directly into the modem if this is the case, just a test to see that it works.

+1 to Don's idea! Some of these types are just script kiddies and may not be too bright. 

Also additional info on utilizing a bootable linux CD.  If you can get online using that OS, then the configuration is with the main OS and not the actual ISP/modem/router equipment.  Meaning, the guy somehow got remote control over the computer and configured the OS with some redirects or proxies.  Another item to document is what happens when they try to go to the internet?  Do they simply get a "Page cannot be displayed..." message or do they get redirected to a website that they can't seem to get past? 

There's no direct cyber law related to this kind of extortion (that I'm aware of, but there are of course other laws to protect people from extortion), but let me just check my notes..

U.S. Code Title 18, §1362: Communication lines, stations or systems
http://www.law.cornell.edu/uscode/usc_sec_18_00001362----000-.html

U.S. Code Title 18, §2701 et seq: Stored wire and electronic communications and transactional record access.
(If the hacker has acquired access to data which he is not the intended recipient of.)

U.S. Code Title 18, §1029: Fraud and related activity in connection with access devices.
(If he has gained unauthorized access to a system.)

Most prosecutions in the USA goes into the U.S. Code Title 18, Section 1029 and 1030 (Fraud).


These only applies to the United States of course, and these are not all the laws that may apply in this case, but just a few of the common cyber laws.


A website that may interest you: http://www.cybercrime.gov//

Side-note: Mother of god, I should've never begun reading my notes, now I want to read all of them to catch up on topics I apparently forgot about xD

Extra Side-note: In case you wonder why I have these notes, you need to know about common cyber laws in various countries if you're going to do the GPEN certification. Other certifications such as CEH includes cyber laws too.