Post Mon Jun 11, 2007 8:17 pm

Stupid Hacker Tricks

I don't know about you, but I can't stop laughing when I see those video shows when they have on the stupid criminals. And our industry is no different as you can see from this article by Andrew Brandt of InfoWorld Mag:

The annals of crime are rife with tales of heists pulled off by enterprising criminal minds. But for every caper carried out with style and smarts, there are hundreds of imprisoned examples of the boneheaded desperado -- guys too greedy, too hasty, or just too brain dead to pull off their nefarious deeds without getting caught.

You might be tempted to believe online crime would be the exception. After all, it takes a more sophisticated criminal mind to perpetrate a complex phishing scheme than to, say, rob a bank while chatting on a cell phone. But as any IT pro knows, the more complexity you add to a system, the more likely it is that system will fail in unanticipated ways. The same rule applies to criminals who employ complex webs of technology to further their misdeeds. And besides, despite their reliance on technology, cyberoutlaws are not robots themselves. More often than not it's what makes them human -- greed, an inflated ego, loose lips -- that ends up getting the better of them.

So, if you're responsible for protecting your company's electronic assets, or you're considering that long-fantasized career change to the Dark Side, we've compiled a short list of the dumb and the dumber: infamous hackers and scammers and the tricks they tried to pull. Any security professional worth his or her salt should be able to avoid these kinds of schemes. But if you fell (or fall) for one, you're by no means alone: to badly mangle P.T. Barnum, there's a cybersucker born every millisecond.

JeansonJames Ancheta: Don't take a (memory) dump where you eat
Sven Jaschan: Beware the bounty hunter in gym class
Christopher William Smith: The upper limit of enhancement
Robert Alan Soloway: A spammer by any other name
Jan de Wit: Say my name, worm
Alexei Ivanovand Vasily Gorshkov: Here's how I steal passwords, officer


For original story:
http://www.infoworld.com/article/07/06/ ... tro_1.html

Don
CISSP, MCSE, CSTA, Security+ SME