Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Beware of the security zealot

From: InfoSec News <isn () C4I ORG>
Date: Tue, 23 May 2000 16:09:28 -0500
Forwarded by: "Berislav Kucan BHZ" <bhz () net-security org>

http://www.zdnet.com/zdnn/stories/comment/0,5859,2573856,00.html

In a certain way, the "hunters" couldn't have been more different.
Ex-hacker Chris Davis was responsible for cornering the Welsh teenage
Curador - the 18-year-old computer security consultant turned computer
criminal - who thought it was cool to snare credit cards from
mom-and-pop Web sites and post them where all could see and admire his
cunning. It took Davis two days to locate Curador's name, address and
phone number.

It took James Atkinson, a security specialist, two hours to pinpoint
the real name, address and phone number of "Mafiaboy," the Canadian
15-year-old who allegedly initiated a denial-of-service attack on CNN
- one of a series of DOS attacks on large Web sites across the U.S.
early this year.

The little miscreant that could, #1

Curador was "bragging," Davis said, and that made him mad. "In hacker
terms, Curador had the maturity of a child," Davis added. "He went off
on a grandiose track to let the world know of his skills at breaking
into e-commerce sites."

Davis operates a small computer security company, HeXedit, in Ottawa,
Ontario, and taps into affiliations with some of the world's most
respected computer security people. He contacted several of the firms
that Curador had hit and asked if, in exchange for setting their
systems up correctly, they would send him the logs of the attack.
Everyone agreed. In the ensuing days and weeks, Davis continued to
gather evidence of how and where Curador operated.

After two months, the Royal Canadian Mounted Police and the FBI
finally got involved. They contacted Davis, who willingly turned over
all of the evidence - names and locations, logs and the trails,
everything. The FBI agent thanked him profusely and said Davis would
see his name in "bright shining lights" in the FBI press release. The
next day the release went out. There was no mention of Davis.

[...]


Berislav Kucan aka BHZ
bhz () net-security org
http://net-security.org

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: