Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Wanted - have you seen this MAC address: f8:e0:79:af:57:eb? German cops appeal for logs in bomb probe

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 10 Jan 2019 09:36:01 +0000 (UTC)
https://www.theregister.co.uk/2019/01/10/german_blackmail_investigation/

By Richard Chirgwin
The Register
10 Jan 2019
German police investigating a blackmailer's parcel bombing campaign reckon they know the MAC address of a device used by the scumbag, and hope network logs can help unmask the perp.
Between November 2017 and April 2018, improvised explosive devices were sent to addresses in and around Berlin and Frankfurt an der Oder via DHL, in an apparent attempt to extort the delivery giant: cough up wads of crypto-cash, or get more bombs through the mail.
One package was sent to the Berlin Chamber of Crafts, and another to a pharmacy in Potsdam. The former was defused without exploding after the cops were called in, and the latter failed to go off when opened. It contained firework powder, nails, and screws. A bank in Berlin and an online store in Frankfurt an der Oder also received what appeared to be homemade bombs.
An extortion note was discovered encoded in a QR code on one of the parcels – the cops had to piece it together again after blowing it up in a controlled explosion - and it demanded several million Euros in Bitcoin to call off the campaign.
A police probe turned up the MAC address f8:e0:79:af:57:eb, which, if genuine and non-spoofed, belongs to a Motorola/Lenovo device – most likely a Motorola smartphone. 

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: