An individual purporting to be the attacker behind the breach of the Italian cyber outfit 'Hacking Team' has released a blog post detailing his modus operandi. Here are some of the most revealing points:
Anonymity
Use a VM (virtual machine) and route traffic via Tor. Tor hides the IP address and provides a degree of anonymity; a VM keeps the attacker's personal files separate from the operation. A good hacker will use new servers and domain names, registered to new email addresses, and make any payments with bitcoin (using new bitcoin addresses). They will also use tools that are either publicly available or brand new, created specifically for that particular breach, so as to avoid leaving a forensic footprint.
Exploit weak passwords
Companies should use strong passwords and ensure that data/system admins take password management seriously. System admins are critical: they have access to the various servers. The weak password (P4ssword) of Hacking Team's system admin, Pizzo, made spying on him easier than it should have been. Domain admin passwords gave access to email and allowed passwords to be reset on the mail server.
Social Engineering
Employee information for a targeted phishing campaign can be found via Google, LinkedIn and Data.com, and may sometimes be found in file metadata; Metagoofil extracts files from websites for exactly this purpose. Spear phishing continues to succeed against many organizations, particularly larger entities. Smaller, security-focused outfits are less likely to fall for such a ploy.
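Returning to the weak-password point in the previous section: the following is an added example, not code from the original post or from Hacking Team, of a password policy check that undoes the leetspeak substitutions behind passwords like P4ssword before comparing against a wordlist. The wordlist here is a constructed stub; a real deployment would load a full breached-password list, as NIST SP 800-63B recommends.

```python
import re
from typing import List

# Constructed stub wordlist for the demo. A real check loads a full
# breached-password list (hundreds of millions of entries), not a handful.
DICTIONARY = {"password", "welcome", "admin", "hackingteam", "letmein", "qwerty"}

# Character substitutions that cracking rule sets try first, so they add
# no real strength: P4ssword, p@ssw0rd and password are all the same guess.
LEET_MAP = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                          "0": "o", "5": "s", "$": "s", "7": "t"})


def normalize(password: str) -> str:
    """Lowercase, strip leading/trailing digits and symbols (the usual
    '123' or '!' suffix), then undo leetspeak to recover the base word."""
    base = password.lower()
    base = re.sub(r"[^a-z]+$", "", base)
    base = re.sub(r"^[^a-z]+", "", base)
    return base.translate(LEET_MAP)


def weakness_reasons(password: str, min_length: int = 12) -> List[str]:
    """Return every reason the password fails policy; empty means it passes."""
    reasons = []
    if len(password) < min_length:
        reasons.append(f"shorter than {min_length} characters")
    base = normalize(password)
    if base in DICTIONARY:
        reasons.append(f"dictionary word '{base}' with trivial substitutions")
    classes = sum(bool(re.search(p, password))
                  for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z\d]"))
    if classes < 3:
        reasons.append("fewer than three character classes")
    return reasons


def is_acceptable(password: str) -> bool:
    return not weakness_reasons(password)


if __name__ == "__main__":
    # Constructed samples: the admin password from the post, a "complex"
    # variant that meets naive composition rules, and a long passphrase.
    for candidate in ("P4ssword", "P@ssw0rd123!", "correct-horse-battery-7Staple"):
        print(candidate, "->", weakness_reasons(candidate) or "OK")
```

The second sample shows why composition rules alone are not enough: P@ssw0rd123! has four character classes and twelve characters yet normalizes to the same base word as P4ssword.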
Malware/Zero Day Exploits
Large companies often have compromised computers within their networks: bots working quietly in the background, gathering information. Rather than immediately announce a coding flaw, malicious hackers prefer to keep their knowledge secret and stealthily hide within the network like a cyber sleeper cell. Most companies are woefully poor at detecting when they have been breached. According to Verizon's 2013 Data Breach Investigations Report, 92% of the time it is a contractor, customer or law enforcement who discovers the breach.