Hacker's war on terrorism draws tepid response from experts

[InfoSec News <isn () c4i org>]

[Back on September 28th, I said that I wasn't going to post anymore
crap from Kim Schmitz to InfoSec News, but it appears that his public
relations machine is in full swing and unsubstantiated news stories
are still being written.

I think this hack into the AlShamal Islamic Bank is a complete crock
of sh*t, and I am calling on Kim Schmitz on this one, Show us the
proof on this!

Here's why I think this is a crock...

Its all too easy to say that you and your merry band of hackers
compromised the security of a Checkpoint FireWall-1, Checkpoint
doesn't belive the hack happened in the first place and probably 
would love to hear how it was done, if it was done.

YIHAT hackers have allegedly given information only to the FBI, The
FBI will not comment on an ongoing investigation, and the NIPC also
points out that this kind of activity "is illegal and punishable as a
felony, with penalties extending to five years in prison."

When an agency can't comment on an investigation, one can say just
about anything they want, (Kimble might as well say that he knows
where D.B. Cooper is and that he's a silent investor in one of his
many venture capital projects.) as it stands now, the FBI is
investigating over 50,000 seperate tips, not to mention chem/bio
scares and people somehow still busting into jet cockpits.

Kim Schmitz says this has nothing to do with PR. Yet the YIHAT webpage
has the press registration link just above the signup for new YIHAT
membership.

Schmitz whose personal net worth is allegedly more than $100 million,
and is offering a reward of $10 million is also actively solicting the
funding of YIHAT off the kill.net website. This has me wondering if
Mr. Schmitz is either unwilling or unable to front his own projects or
pay for any future rewards on information.

Not knowing what information YIHAT hackers have gained from the Al
Shamal Islamic Bank and then given to the FBI, I have to wonder if its
the same information now posted at: http://www.shamalbank.com/Statment.htm


(Fwd)

It is obvious from above statement that Osama Bin Laden was never a
founder or a shareholder of Al Shamal Islamic Bank. His only relation
with the bank was through Al Higra Construction & Development Co. Ltd.
( a local company incorporated in Sudan on 24.3.1992 ) and Wadi El
Agig Co. ( A Saudi co. Registered in Saudi Arabia ) Wadi El Ageg is
holding minority share in Al Higra was represented by Bin Laden .

Al Higra Construction & Development Co.Ltd opened two accounts on
30.03.1992 and since 1997 both accounts were inoperative and closed.

Wadi Al Ageg opened a US Dollar Account in 1993 and since 1995 the
account is inactive and closed. 

(End)  

  
So what?

I want to see some proof of these hacks! With some of the best IT and
print journalists subscribed to ISN, not to mention top information
security professionals along with Local, State and Federal law
enforcement officers, I'm sure that someone here can verify that this
these hacks and information are true and not a figment of a healthy
imagination and a well paid public relations company.

While operational information wouldn't have to be printed, just a
consentaneous that this is real and that you haven't been pulling
everyones leg on this.

Say within the next 24 hours?   -=-   William Knowles - 10.11.2001]


-=-


http://www.nandotimes.com/technology/story/128776p-1350605c.html

By ROB LEVER, Agence France-Presse 

WASHINGTON (October 10, 2001 3:02 p.m. EDT) - Hackers are waging a
cyberwar against Osama bin Laden and his allies, despite warnings from
government and security experts that this activity could be
counterproductive.

The latest effort came this week when Kim Schmitz, a German
hacker-turned security consultant, launched a website to recruit
hackers to track down funds and other evidence linking bin Laden to
the September 11 terrorist attacks.

Since launching his group -- Young Intelligent Hackers Against Terror
(YIHAT) -- Schmitz says 34 people from 10 countries, as well as three
Arabic language translators, have joined the effort. He claims these
hackers have tracked down bin Laden's bank accounts at a bank in
Sudan.

Schmitz, who was convicted of hacking into NASA and Pentagon computers
in the 1990s, has offered a 10 million dollar reward for information
leading to the arrest and conviction of the exiled Saudi who is the
prime suspect of US officials.

"I am offering my creativity, name and money to fight terror," Schmitz
says on his website.

"I think the free world must unite NOW. We can only beat terrorism if
everybody, everywhere is fighting against it ... In a few years
terrorists will have nuclear and biological weapons and they won't
kill 5,000 but 5 million people with one strike."

Schmitz's efforts come in the wake of an organized effort by a
US-based hacker group known as "the Dispatchers," which launched a
campaign against sites deemed to be linked to bin Laden and the
Taliban regime in Afghanistan.

The Dispatchers claim to have shut down the website of the
presidential palace of Afghanistan, as well as some Iranian and
Palestinian sites.

"We are a group of computer security enthusiasts, who are outraged at
the acts of terrorism and such which are taking place in this day in
age," the group said in a message replacing the official websites.

"It is our cause to fight back in every way which we can ... Our
current targets are those of nations who support terrorism and groups
of terrorism."

But the group also hit -- possibly by mistake -- a site operated by
the financial services group Aon, which had the word "terrorism" in
its Internet address. Aon was among the firms located in the World
Trade Center.

US officials and security experts frown on what they describe as
"vigilante hackers," saying it will do little to help and may harm the
cause.

"Their motives may be possibly just, but their actions may be causing
damage and it may have other implications for people's privacy," said
David Endler, an analyst at the Virginia security firm iDefense.

Endler said it is impossible to control the activities of a broad
array of hackers -- ranging from adventurous to malicious -- and that
some may violate laws or ethics and obtain or modify confidential
data.

He noted that YIHAT hackers "did break into a Sudanese bank and get
some account information on bin Laden and supposedly gave that
information to the FBI, but it's not clear what kind damage was done
to that bank."

The FBI's National Infrastructure Protection Center echoed that
sentiment with a statement pointing out that such conduct "is illegal
and punishable as a felony, with penalties extending to five years in
prison."

"Those individuals who believe they are doing a service to this nation
by engaging in acts of vigilantism should know that they are actually
doing a disservice to the country," the agency said.

Indeed, some hacker groups, notably the German-based Chaos Computer
Club, is eschewing the effort to hack the sites of enemies, saying,
"Given the tense situation, we should not cut off means of
communication and open up an even bigger gulf in understanding between
peoples."

But Schmitz said his goal is to assist law enforcement and urges YIHAT
members to follow ethical guidelines.

"We are generating leads for the FBI," he told AFP by e-mail. "Our
goal is to work with the authorities and not against them. Our mission
is to find terror money. Those who join YIHAT respect our rules,
cracking (damaging data) is strictly prohibited just like defacing
websites."





-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.