NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2007-q3

[ISN] Fark.com sues over attempted hacking

From: InfoSec News (alertsinfosecnews.org)
Date: Thu Sep 13 2007 - 01:07:44 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.kentucky.com/181/story/174791.html

[Backround information here -
http://www.infosecnews.org/hypermail/0708/13610.html ]

By Brandon Ortiz
Sept. 12, 2007

Fark.com has sued a man it accuses of attempting to hack into the e-mail
and computers of its staff members.

The Web site, founded in Lexington, allows members to comment on
postings of oddball news stories. It has developed a large national
following.

The lawsuit, filed in U.S. District Court in Lexington on Tuesday, says
an unknown computer hacker sent e-mails on Aug. 8 imploring Fark staff
members to visit a particular Web site. For the next four days, Fark
staff received forged e-mails that appeared to come from other staff
members, containing links to three Web sites. The links contained Trojan
horse programs, malicious software that allows secret unauthorized
remote access to computers.

The lawsuit says the purpose of the programs appeared to be to steal
passwords from infected computers and download them to a computer in
Tennessee. It says the hacker attempted to log in to Fark e-mail and
staff member accounts using stolen password information.

The hacker got into one of the e-mail accounts of a Fark moderator, said
the Web sites founder, Drew Curtis of Versailles. The infection did not
affect the Web site, he said.

We got lucky because they did not get all the way in, Curtis said.

Curtis says he is 99.9 percent sure he has identified the hacker, who he
believes works at a Memphis television station. He said he is waiting to
obtain information via subpoena to confirm his suspicions.

Thats what is weird: We dont know what they were trying to do, Curtis
said.

The lawsuit seeks undisclosed economic and punitive damages and a
permanent injunction against future hacking attempts.

____________________________________
Visit the InfoSec News Bookstore
http://www.shopinfosecnews.org

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]