Skip to main content

Fraude de peste 34.000 $, in numai trei zile

Un fost consultant IT a recunoscut ca a folosit 60 de puncte de acces Internet din hoteluri pentru a sustrage timp de trei zile informatii privind cartile de credit ale clientilor care le vizitau.
Hario Tandiwidjojo, in varsta de 28 de ani din California, a pledat vinovat pentru acces neautorizat la un computer protejat. Pedeapsa maxima ar putea ajunge la cinci ani de detentie intr-o inchisoare federala si amenzi de pana la 250.000 $. Procurorii federali au recomandat o sentinta maxima de 10 luni pentru ca acuzatul a pledat vinovat. Sentinta va fi pronuntata in 3 martie.Folosind credentiale obtinute de la fostul sau angajator, Hario Tandiwidjojo a trecut de patru verificari cu parole necesare pentru a patrunde in punctele de acces Internet, care erau inchiriate clientilor cu ora pentru derularea de operatiuni de business, si a instalat aplicatii software care ii permiteau sa intercepteze informatiile privind cartile de credit. In luna februarie, in numai trei zile, pagubele provocate s-au ridicat la peste 34.000 $ si 300 de carti de credit au fost compromise.Agentii FBI au descoperit la domiciliul lui Hario Tandiwidjojo un dispozitiv de procesare a cartilor de credit care inscriptiona date pe banda magnetica, un terminal de carti de credit pentru procesarea tranzactiilor si un permis de conducere cu fotografia lui Tandiwidjojo si datele de identificare ale unei alte persoane.Computerele Dell folosite in punctele de acces Internet erau protejate cu un program destinat prevenirii oricarei modificari asupra sistemului de operare, dar Tandiwidjojo a reusit sa instaleze aplicatii keylogger si alte programe, care transmiteau detaliile cartilor de credit la scurt timp dupa ce clientii le treceau prin dispozitivul de citire. In multe cazuri a fost folosit LogMeIn pentru accesarea remote a statiilor.Showcase Business Centers, compania care opera punctele de acces Internet, a estimat ca au fost compromise cardurile apartinand unui numar de peste 300 de victime. Au fost vizate si punctele de acces operate de compania Shuttlepoint, dar in aceste cazuri Tandiwidjojo a reusit doar sa faca sistemele sa nu mai functioneze.Experienta lui Tandiwidjojo ca angajat al companiei ce opera punctele de acces Internet a fost esentiala in punerea in practica a atacului, acesta dispunand de credentialele necesare si prezentandu-se ca angajat al serviciului de suport tehnic.
Sursa: GECAD NET

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...