Fake Password Reset E-mail Hits 7,500 Black Hat Registrants

timothy posted more than 2 years ago | from the perfectly-natural-return-to-your-homes dept.

Security 67

An anonymous reader writes "7,500 Black Hat USA 2012 attendees may have been surprised to get a fake password reset e-mail sent to accounts they used to register for the conference. Black Hat has apologized and explained the lame phishing spam attempt."


67 comments


I would be deeply saddened (5, Funny)

Anonymous Coward | more than 2 years ago | (#40733935)

...if any of them fell for it.

Re:I would be deeply saddened (4, Insightful)

Mabhatter (126906) | more than 2 years ago | (#40734093)

They totally deserve that? Why would you sign up for a "Black Hat" event with an important account? The trusting fools!

Re:I would be deeply saddened (0)

Anonymous Coward | more than 2 years ago | (#40734753)

Because you want to get the owner into trouble. Obvious really.

Re:I would be deeply saddened (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40735011)

First off, Black Hat is not for the elite. Black Hat is the watered down version of DefCon, made palatable for people and businesses who are afraid of being associated with the criminal element of hacking. While there is some good information to be had at Black Hat, it is generally a pale shadow of what can be found at DefCon. That said, DefCon is a pale shadow of its former self, not in terms of attendance for sure, but definitely in terms of content. For content you must now go to B-Sides, Skytalks, etc., or smaller group meetings in a non-public venue. As far as the "why sign up" using an important account question, what a stupid question. The account is not you, if you are dumb enough to fall for a phishing attempt, it does not matter if it is your main or a throw-away account, as the mentality that falls for such things rarely uses a unique password for each and every on-line service, list membership, etc. Protecting yourself against this kind of crap requires you to not only have a brain, but to use it, ask relevant questions, and trust no sources, ever, no matter what.

Re:I would be deeply saddened (2)

postbigbang (761081) | more than 2 years ago | (#40735233)

By your description, I don't think you've been to either. I don't consider myself "elite" but I *am* very interested in the latest war stories and postures by varying agencies, ostensible hacker groups, and listening to the delicious screeds of various hacking icons.

That they were p0wn3d is hilarious. I don't believe their story regarding how it was some fool at ITN that did it, either. Someone ate their lunch. They should know better. The payload was a useless malformed URL, by the way, not a real one.

Re:I would be deeply saddened (4, Interesting)

Shoten (260439) | more than 2 years ago | (#40735945)

You've clearly never even looked at the speakers list or topics for Black Hat. It's not at all watered down; in fact, there used to be a time when a good enough talk would be given at both...but at Defcon, the talk would leave out certain details and depth. By no means is what's delivered light, either...Moxie Marlinspike revealed how to subvert SSL, for example. Dug Song and Thomas Lopatic revealed how to root a Checkpoint Firewall (back when Checkpoint was the big one to get). Major and very serious vulnerabilities in AMI meters (used for Smart Grid) were revealed by IOActive...the list goes on. And you get an incredible mix of major industry players like Cisco and Apple speaking frankly (there's a talk this year on the security architecture of Apple's IOS) along with independent researchers and even lateral thinkers. Jose Nazario...now the Senior Manager for Security Research at Arbor networks, and a Board Member at the Honeynet Project, gave a talk when he was fresh out of finishing his Ph.D. in biochemistry...on viral propagation algorithms for computer viruses. It turns out that what he did his thesis on...viral propagation models for biological viruses...mapped directly to the concept, and the man never worked a day in the biochem field after he finished his doctorate.

So, just because you're not able to afford the ticket, or for some reason you can't gain entry into the infosec field (past criminal record, perhaps? Caught with the ganja, were we?), don't try to tarnish the people trying to share information at the front end of things.

Re:I would be deeply saddened (2)

Karmashock (2415832) | more than 2 years ago | (#40734341)

It would be pretty choice irony.

They should make that part of the event. Every time they should use the registrant's information to try and scam the whole group.

Not take money or whatever. But just as a challenge and a reminder.

Re:I would be deeply saddened (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#40734459)

1. Out of the four programming languages below, which one of them is used exclusively by True Programmers?
(A) Gamemaker
(B) C
(C) Linux kernel
(D) Java

2. Out of the four programming languages below, which one of them will transform a worthless, miserable individual into an upstanding True Programmer?
(A) Gamemaker
(B) C
(C) C++
(D) Assembly

3. Which of the programs listed below were made in Gamemaker?
(A) Gamemaker
(B) Windows
(C) MyCleanPC
(D) Visual Basic
(E) All of the above.

4. Which of the following programming languages are used by False Programmers?
(A) C
(B) Ada
(C) Java
(D) C++
(E) All programming languages that aren't Gamemaker or weren't made in Gamemaker.

5. Out of the four programming languages below, which one of them is the greatest programming language of all time and will continue to be so for all of eternity?
(A) Gamemaker
(B) Pascal
(C) Slashdot.org
(D) C++

Answers: A, A, E, E, A
Score: 5/5

Wow! Such a thing! As you can see, there is no reason for you to not switch to Gamemaker.
It's time to return.
You may return.
You can return.
You should return.
You must return.
You shall return.
You may, can, should, must, and shall return... to Gamemakerdom!
Return, return, return, return, return to Gamemakerdooooooooooooooooooooooooooom!

Re:I would be deeply saddened (0)

Anonymous Coward | more than 2 years ago | (#40736619)

I curse you for my business partner actually suggesting to me the other day that we try gamemaker for a project. I told him our engineers would see his head on a pike before they were subjected to that garbage.

Re:I would be deeply saddened (2)

flyneye (84093) | more than 2 years ago | (#40734851)

Why be saddened? They signed up for it, paid with (possibly) their credit card, showed their I.D. at the desk for their room, walked in plain view of security cameras placed by both the hotel and the FBI facial recognition database team, hung out in their bugged rooms, chatted in bugged elevators, walked the floors with undercovers all around. 7500 show up, but 8000 in attendance hmmmmmmm. I wouldn't be surprised if half of them fell for it.

Re:I would be deeply saddened (1)

Legion303 (97901) | more than 2 years ago | (#40735401)

"7500 show up, but 8000 in attendance hmmmmmmm."

To be fair, 400 of those extras are hotel union staff who stand around and get surly if you try to move your own conference table two inches to the right because it's blocking access to your heart medication.

Re:I would be deeply saddened (1)

Shoten (260439) | more than 2 years ago | (#40736029)

It wasn't a phishing email. Here's the email body itself:

This is a note from BlackHat 2012.
________________________________________

You have requested a new password. Here are your details:

Username:
Password:

To sign in, please go to this URL:

https://svel1023/BH12/Admin/ [svel1023]

Okay...so that link, if you notice, wouldn't even work. (Try it and see for yourself if you like.) It turns out that this was a software error; a password provisioning function at ITN (the event company supporting BH) sent the email to everyone instead of (presumably) the intended recipient. Indeed, the headers of the email indicate that it emanated from ITN's email server as well. So, the OP is ass-poundingly dishonest in referring to this as a "lame phishing attempt".

Re:I would be deeply saddened (1)

wiedzmin (1269816) | more than 2 years ago | (#40737371)

Okay...so that link, if you notice, wouldn't even work. (Try it and see for yourself if you like.)

That link is to a server on a local network, to which attendees (if they're dumb enough to use an electronic device, connected to a network, to check their email, while at BlackHat) could have been connected during the conference.

Re:I would be deeply saddened (1)

Shoten (260439) | more than 2 years ago | (#40738889)

Only if that server is on the same local network as the conference. Which it isn't.

Re:I would be deeply saddened (3, Informative)

LordLimecat (1103839) | more than 2 years ago | (#40735737)

This wasn't something "to fall for"-- the emails were legit in that they really came from BlackHat registration. That everyone thinks the summary is accurate is a little hilarious.

I mean, the article wasn't exactly lengthy, and they even gave an executive summary:

This morning, some idle hands browsed their way to a screen that looked like this:

We would provide a better screenshot, but that actually ends in sending an email. Call it a 'feature'. The link provided in the email is to an onsite host on our registration network.

Basically, a volunteer went to a place they shouldn't have, which resulted in reset emails being fired off to everyone.

Nowhere does it say or imply that it was a phishing attempt. I'm glad the editors are continuing the fine tradition of not even opening the links of the article they are supposed to be reviewing.

I can explain. (0)

Anonymous Coward | more than 2 years ago | (#40733939)

it is just a fake first post.

Re:I can explain. (3, Funny)

Anonymous Coward | more than 2 years ago | (#40733959)

I can tell, since it's actually the second post.

Re:I can explain. (1)

sumdumass (711423) | more than 2 years ago | (#40734311)

But it was the first second post?

Re:I can explain. (1)

Pieroxy (222434) | more than 2 years ago | (#40734471)

But it was the first second post?

No, it was the second first post.

How many peeps fell for it? (2, Insightful)

Snotnose (212196) | more than 2 years ago | (#40733953)

The only newsworthy chunk of info here is, How many of these peeps fell for it? These are the elite, what percentage fell for it?

Re:How many peeps fell for it? (4, Insightful)

Sir_Sri (199544) | more than 2 years ago | (#40733973)

These are the elite

No, some of them are elite hackers, some of them are just trying to keep up with the mischief elite hackers are going to be creating or trying to feel like they're part of the culture.

Re:How many peeps fell for it? (1)

Snotnose (212196) | more than 2 years ago | (#40734005)

Ya, I misspoke. These are the ones who think they're elite. I suspect half the attendees are like the script kiddies in MW who load a cheat onto their PS3, then brag about how good they are.

Still, how many of these peeps fell for it?

Re:How many peeps fell for it? (0)

Anonymous Coward | more than 2 years ago | (#40734099)

Pfffft, that's nothing. I play TF2 and I load a cheat onto my PC and then brag about how good I am. On a game that's completely free.

It's all about the lulz, to be honest.

Sure, I could win legitimately, but when the entire enemy team ragequits, that's what does it for me. It's like eating a perfectly prepared steak, or eating french fries with bacon, cheddar, and ranch, or drinking two 40's of Olde English 800.

Re:How many peeps fell for it? (0)

Anonymous Coward | more than 2 years ago | (#40734181)

How do you know they ragequit? I would just mehquit.

Re:How many peeps fell for it? (0)

Anonymous Coward | more than 2 years ago | (#40734297)

I tend to pityquit.

Re:How many peeps fell for it? (0)

fractalVisionz (989785) | more than 2 years ago | (#40734197)

I don't know whether to mod you insightful or troll, so I will comment instead.

Re:How many peeps fell for it? (1)

Anonymous Coward | more than 2 years ago | (#40734101)

Still, how many of these peeps fell for it?

You lazy ass... if you want to know, be a man... hack your way through and examine the server logs.

Re:How many peeps fell for it? (2)

PolygamousRanchKid (1290638) | more than 2 years ago | (#40734577)

Black Hat attracts a lot of "hang arounds" . . . journalists, and folks who just want to see who attends, and what they are talking about. So some folks in these groups might be more susceptible to a simple phishing attack.

I akt el33t, now give me warez (1)

Grindalf (1089511) | more than 2 years ago | (#40734053)

Leet Leet Leet Leet Leet! Erm ... I think! Maybe it's the quality of clientele?

Re:I akt el33t, now give me warez (1)

Grindalf (1089511) | more than 2 years ago | (#40734219)

That's 7,499 US Secret Service Agents and Gary McKinnon in a frizz wig and dark glasses! :0)

LOL (0)

Anonymous Coward | more than 2 years ago | (#40734069)

That is all.

the ironing (1)

Anonymous Coward | more than 2 years ago | (#40734081)

is delicious

Re:the ironing (4, Funny)

philip.paradis (2580427) | more than 2 years ago | (#40734119)

Man, I've heard of some strange fetishes in my time, but savoring the flavor of freshly ironed clothing is a first in my book. Do you prefer light or heavy starch?

Re:the ironing (0)

Anonymous Coward | more than 2 years ago | (#40734293)

Mmmmmm... starch....

Re:the ironing (1)

schroedingers_hat (2449186) | more than 2 years ago | (#40734633)

I wouldn't go so far as to call it a fetish, but freshly ironed/fresh out of the dryer pants/underpants feel pretty good.

Re:the ironing (0)

Anonymous Coward | more than 2 years ago | (#40734829)

Is it wrong for me to push my fantasies/fetish on to my husband?

I have a steam ironing fetish which, for me, involves my husband's active sexual participation whenever he sees me doing it. However, lately he doesn't seem overly interested and I'm thinking that maybe he's bored with me. The problem is that I've always really really enjoyed the seductiveness of my fetish with him and other men in the past, which is a turn-on for me.

http://answers.yahoo.com/question/index?qid=20090601141840AAlRImH

When Yahoo Answers is ahead of the curve, you know you're a little behind(*).

(*) Being surely another fetish.

Re:the ironing (2)

Mikkeles (698461) | more than 2 years ago | (#40734941)

Actually, he irons his 'grilled' cheese sandwich. It gives it that soupcon of je ne sais quoi.

A real hacker conference would test attendees :) (2, Insightful)

Anonymous Coward | more than 2 years ago | (#40734131)

It would be great to keep out the script kiddies. I have just the test to determine if someone is a hacker. Just ask them what they like to hack. If they answer with responses like "i like breaking into xyz systems" then deny them a ticket. If they answer with "i like to hack on xyz" and go into how they configured/wrote/learned about some system then let them in. Hacking isn't about breaking into systems or clicking on some button to attack something. It is literally the joy of learning. While breaking into a system might be hacking it's not so unless there is a learning component to it. I like to hack. I hack stuff together all the time. I throw some GNU/Linux distribution together (and having known nothing prior enjoy that). I'm a hacker. I *could* break into a system... but can't say I ever really have. Sure. I've exploited a bug or two for fun. That was hacking as I learned something and enjoyed it. However someone clicking a button (something any computer user knows how to do) to join in on a DDoS attack on some web site is not hacking. You'd have to be the dumbest person on earth or at least over the age of 40 (loss of skills/memory/ability etc) to call that hacking.

Re:A real hacker conference would test attendees : (0)

Anonymous Coward | more than 2 years ago | (#40735251)

First half of that looked pretty sage, and then

I throw some GNU/Linux distribution together (and having known nothing prior enjoy that). I'm a hacker. I *could* break into a system... but can't say I ever really have.

I realized you were just a dumb arrogant kid yourself.

Re:A real hacker conference would test attendees : (1)

DerekLyons (302214) | more than 2 years ago | (#40738239)

Hacking isn't about breaking into systems or clicking on some button to attack something. It is literally the joy of learning.

The 1970's called - they want to drop off the disco balls and bell bottom trousers for the rest of your nostalgia trip.
 

You'd have to be the dumbest person on earth or at least over the age of 40 (loss of skills/memory/ability etc) to call that hacking.

No, you'd have to be someone using the word as it's been commonly used for thirty odd years now.

The Reply (5, Insightful)

azalin (67640) | more than 2 years ago | (#40734133)

An automatic reply should have been sent to everyone who fell for it:

Your reservation has been revoked. Please invest some time in learning basic security guidelines before applying again.
Best regards

Re:The Reply (1)

Anonymous Coward | more than 2 years ago | (#40734193)

That would be a neat trick since the URL is essentially unresolvable for anyone not on their network.

This is a note from BlackHat 2012.

        You have requested a new password. Here are your details:

        Username:
        Password:

        To sign in, please go to this URL:

        https://svel1023/BH12/Admin/ [svel1023]

svel1023 looks like a username to me. Maybe the volunteer who sent the email out?

Re:The Reply (0)

Anonymous Coward | more than 2 years ago | (#40734251)

read it backwards in l33t speak

Re:The Reply (0)

Anonymous Coward | more than 2 years ago | (#40734447)

ezoilevs?

Re:The Reply (0)

Anonymous Coward | more than 2 years ago | (#40734843)

i've pwned ur brain. tks.

Shit security (4, Interesting)

FormOfActionBanana (966779) | more than 2 years ago | (#40734135)

Shit security on their end, and that posting does NOT look like an apology.

And what's this BS about expecting the most hostile network? I thought that was DEFCON...

Re:Shit security (0)

Anonymous Coward | more than 2 years ago | (#40734329)

I've got captures of the Caesars network throughout blackhat... blackhat is where the l33t who went pro go get pieces of paper for their bosses. And the lame bosses who don't know jack get pwned and don't know it. There were dozens of people spoofing gateways, plenty of portscans and people trying out ettercap et al. It is a fucking mess. Aruba even recommends hardcoding the gateway MAC address for their wireless net... all that for the least informative (and informed) security conference in Vegas that week.

Re:Shit security (0)

Anonymous Coward | more than 2 years ago | (#40734601)

Also known as FEDCON.

Re:Shit security (0)

Anonymous Coward | more than 2 years ago | (#40735033)

Black Hat is not Defcon

Tor discussion forums! (-1)

Anonymous Coward | more than 2 years ago | (#40734147)

We need an official Tor discussion forum.

I didn't see this issue mentioned in Roger's *latest* notes post, so for now, mature adults should visit and post at one or both of these unofficial tor discussion forums, these tinyurl's will take you to:

** HackBB:
http://www.tinyurl.com/hackbbonion [tinyurl.com]

** Onion Forum 2.0
http://www.tinyurl.com/onionforum2 [tinyurl.com]

Each tinyurl link will take you to a hidden service discussion forum. Tor is required to visit these links, even though they appear to be on the open web, they will lead you to .onion sites.

I know the Tor developers can do better, but how many years are we to wait?

Caution: some topics may be disturbing. You should be eighteen years or older. I recommend you disable images in your browser when viewing these two forums[1] and only enabling them if you are posting a message, but still be careful! Disable javascript and cookies, too.

If you prefer to visit the hidden services directly, bypassing the tinyurl service:

HackBB: (directly)
http://clsvtzwzdgzkjda7.onion/ [clsvtzwzdgzkjda7.onion]

Onion Forum 2.0: (directly)
http://65bgvta7yos3sce5.onion/ [65bgvta7yos3sce5.onion]

The tinyurl links are provided as a simple means of memorizing the hidden services via a link shortening service (tinyurl.com).

[1]: Because any content can be posted! Think 4chan, for example. onionforum2 doesn't appear to be heavily moderated so be aware and take precautions.

Free F-Secure FOR LINUX Antivirus! (-1)

Anonymous Coward | more than 2 years ago | (#40734149)

Free F-Secure FOR LINUX Antivirus!

Current version as of July 16, 2012:
(visit site below for newer versions!)

- Linux Security 9.14
Download: http://download.f-secure.com/webclub/f-secure-linux-security-9.14.1942.tar.gz [f-secure.com]
Release Notes: http://download.f-secure.com/webclub/f-secure-linux-security-9.14.1942-release-notes.txt [f-secure.com]

- More Linux Downloads:
https://www.f-secure.com/en/web/business_global/support/downloads [f-secure.com]

- F-Secure Linux weblog:
https://www.f-secure.com/linux-weblog/ [f-secure.com]

Government & Stealth Malware (-1)

Anonymous Coward | more than 2 years ago | (#40734155)

Nobody Seems To Notice and Nobody Seems To Care - Government & Stealth Malware

In Response To Slashdot Article: Former Pentagon Analyst: China Has Backdoors To 80% of Telecoms 87

How many rootkits does the US[2] use officially or unofficially?

How much of the free but proprietary software in the US spies on you?

Which software would that be?

Visit any of the top freeware sites in the US, count the number of thousands or millions of downloads of free but proprietary software, much of it works, again on a proprietary Operating System, with files stored or in transit.

How many free but proprietary programs have you downloaded and scanned entire hard drives, flash drives, and other media? Do you realize you are giving these types of proprietary programs complete access to all of your computer's files on the basis of faith alone?

If you are an atheist, the comparison is that you believe in code you cannot see to detect and contain malware on the basis of faith! So you do believe in something invisible to you, don't you?

I'm now going to touch on a subject most anti-malware, commercial or free, developers will DELETE on most of their forums or mailing lists:

APT malware infecting and remaining in BIOS, on PCI and AGP devices, in firmware, your router (many routers are forced to place backdoors in their firmware for their government) your NIC, and many other devices.

Where are the commercial or free anti-malware organizations and individual's products which hash and compare in the cloud and scan for malware for these vectors? If you post on mailing lists or forums of most anti-malware organizations about this threat, one of the following actions will apply: your post will be deleted and/or moved to a hard to find or 'deleted/junk posts' forum section, someone or a team of individuals will mock you in various forms 'tin foil hat', 'conspiracy nut', and my favorite, 'where is the proof of these infections?' One only needs to search Google for these threats and they will open your malware world view to a much larger arena of malware on devices not scanned/supported by the scanners from these freeware sites. This point assumed you're using the proprietary Microsoft Windows OS. Now, let's move on to Linux.

The rootkit scanners for Linux are few and poor. If you're lucky, you'll know how to use chkrootkit (but you can use strings and other tools for analysis) and show the strings of binaries on your installation, but the results are dependent on your capability of deciphering the output and performing further analysis with various tools or in an environment such as Remnux Linux. None of these free scanners scan the earlier mentioned areas of your PC, either! Nor do they detect many of the hundreds of trojans and rootkits easily available on popular websites and the dark/deep web.

Compromised defenders of Linux will look down their nose at you (unless they are into reverse engineering malware/bad binaries, Google for this and Linux and begin a valuable education!) and respond with a similar tone, if they don't call you a noob or point to verifying/downloading packages in a signed repo/original/secure source or checking hashes, they will jump to conspiracy type labels, ignore you, lock and/or shuffle the thread, or otherwise lead you astray from learning how to examine bad binaries. The world of Linux is funny in this way, and I've been a part of it for many years. The majority of Linux users, like the Windows users, will go out of their way to lead you and say anything other than pointing you to information readily available on detailed binary file analysis.

Don't let them get you down, the information is plenty and out there, some from some well known publishers of Linux/Unix books. Search, learn, and share the information on detecting and picking through bad binaries. But this still will not touch the void of the APT malware described above which will survive any wipe of r/w media. I'm convinced, on both *nix and Windows, these pieces of APT malware are government in origin. Maybe not from the US, but most of the 'curious' malware I've come across in poisoned binaries, were written by someone with a good knowledge in English, some, I found, functioned similar to the now well known Flame malware. From my experience, either many forum/mailing list mods and malware developers/defenders are 'on the take', compromised themselves, and/or working for a government entity.

Search enough, and you'll arrive at some lone individuals who cry out their system is compromised and nothing in their attempts can shake it of some 'strange infection'. These posts receive the same behavior as I said above, but often they are lone posts which receive no answer at all, AT ALL! While other posts are quickly and kindly replied to and the 'strange infection' posts are left to age and end up in a lost pile of old threads.

If you're persistent, the usual challenge is to, "prove it or STFU" and if the thread is not attacked or locked/shuffled and you're lucky to reference some actual data, they will usually attack or ridicule you and further drive the discussion away from actual proof of APT infections.

The market is ripe for an ambitious company or individual to begin demanding companies and organizations who release firmware and design hardware to release signed and hashed packages and pour this information into the cloud, so everyone's BIOS is checked, all firmware on routers, NICs, and other devices are checked, and malware identified and knowledge reported and shared openly.

But even this will do nothing to stop backdoored firmware (often on commercial routers and other networked devices of real importance for government use - which again opens the possibility of hackers discovering these backdoors) people continue to use instead of refusing to buy hardware with proprietary firmware/software.

Many people will say, "the only safe computer is the one disconnected from any network, wireless, wired, LAN, internet, intranet" but I have seen and you can search yourself for and read about satellite, RF, temperature, TEMPEST (is it illegal in your part of the world to SHIELD your system against some of these APT attacks, especially TEMPEST? And no, it's not simply a CRT issue), power line and many other attacks which can and do strike computers which have no active network connection, some which have never had any network connection. Some individuals have complained they receive APT attacks throughout their disconnected systems and they are ridiculed and labeled as a nutter. The information exists, some people have gone so far as to scream from the rooftops online about it, but they are nutters who must have some serious problems and this technology with our systems could not be possible.

I believe most modern computer hardware is more powerful than many of us imagine, and a lot of these systems swept from above via satellite and other attacks. Some exploits take advantage of packet radio and some of your proprietary hardware. Some exploits piggyback and unless you really know what you're doing, and even then... you won't notice it.

Back to the Windows users, a lot of them will dismiss any strange activity to, "that's just Windows!" and ignore it or format again and again only to see the same APT infected activity continue. Using older versions of sysinternals, I've observed very bizarre behavior on a few non networked systems, a mysterious chat program running which doesn't exist on the system, all communication methods monitored (bluetooth, your hard/software modems, and more), disk mirroring software running[1], scans running on different but specific file types, command line versions of popular Windows freeware installed on the system rather than the use of the graphical component, and more.

[1] In one anonymous post on pastebin, claiming to be from an intel org, it blasted the group Anonymous, with a bunch of threats and information, including that their systems are all mirrored in some remote location anyway.

[2] Or other government, US used in this case due to the article source and speculation vs. China. This is not to defend China, which is one messed up hell hole on several levels and we all need to push for human rights and freedom for China's people. For other, freer countries, however, the concentration camps exist but you wouldn't notice them, they originate from media, mostly your TV, and you don't even know it. As George Carlin railed about "Our Owners", "nobody seems to notice and nobody seems to care".

[3] http://www.stallman.org/ [stallman.org]

Try this yourself on a wide variety of internet forums and mailing lists, push for malware scanners to scan more than files, but firmware/BIOS. See what happens, I can guarantee it won't be pleasant, especially with APT cases.

So scan away, or blissfully ignore it, but we need more people like RMS[3] in the world. Such individuals tend to be eccentric but their words ring true and clear about electronics and freedom.

I believe we're mostly pwned, whether we would like to admit it or not, blind and pwned, yet fiercely holding to misinformation, often due to lack of self discovery and education, and "nobody seems to notice and nobody seems to care".

Makes me smile (1)

pbjones (315127) | more than 2 years ago | (#40734203)

What a laugh! I read the article, but it still makes me smile. One of their own ranks, doing this for 'fun'.

I got one (0)

Anonymous Coward | more than 2 years ago | (#40734307)

It was an obvious fake, and clearly came from someone with access to the BlackHat registration database. The link included for the password reset did not even appear to be valid (I did not actually try it). A few hours later they sent me a follow-up email with a link to an explanation.

Re:I got one (1)

Anonymous Coward | more than 2 years ago | (#40734393)

"A few hours later they sent me a follow-up email with a link to an explanation."

_That_ was the real attack. I bet you were curious and now you're infected.

Re:I got one (1)

jtownatpunk.net (245670) | more than 2 years ago | (#40734543)

Oh, I'm sure the link was valid. Anyone who clicked it is banned for life from all future events.

Re:I got one (0)

Anonymous Coward | more than 2 years ago | (#40738961)

Good thing I was spoofing your account when I clicked on it!

Good for the goose... (0)

Anonymous Coward | more than 2 years ago | (#40734315)

I support all efforts by black hats to screw over other black hats. In my ideal world, those characters would spend all their time fighting and pwning each other, leaving us out of their vile shitstorm. The situation is similar to drug dealers: let them shoot each other as much as they want, it keeps them busy and leaves us in peace.

Re:Good for the goose... (0)

Anonymous Coward | more than 2 years ago | (#40734365)

A little mellow-dramatic dontchathink?

Re:Good for the goose... (0)

Anonymous Coward | more than 2 years ago | (#40734895)

Given that the question is whether or not we're pelted with shit hail the size of shit grapefruits, I don't think I'm being over the top. If anything, I'm being restrained.

PS - it's melodramatic

Re:Good for the goose... (1)

ThatsMyNick (2004126) | more than 2 years ago | (#40734801)

And anyone caught in cross fire can die too. Right?

Re:Good for the goose... (0)

Anonymous Coward | more than 2 years ago | (#40734871)

A phish here or there sent to a misspelled address is a small price to pay for keeping out of the tornado of shit that is the blackhat world.

www.juming-mould.com (-1)

Anonymous Coward | more than 2 years ago | (#40734387)

Hackers have the ability, but to endanger society

"Attempt"? Bad article summary (1)

syntap (242090) | more than 2 years ago | (#40735267)

"Lame phishing spam attempt" should be reworded to "successful phishing spam launch that took advantage of an insider security threat".

If it is in the recipient's inbox, the spam happened successfully. If it didn't, it was an unsuccessful attempt.

A read of TFA shows no mention of the word "lame". In fact the statement does what it should do... describes what happened and what action was taken. "The email this morning was an abuse of functionality by a volunteer who has been spoken to. This feature has since been removed as a precautionary measure."

Re:"Attempt"? Bad article summary (0)

Anonymous Coward | more than 2 years ago | (#40738111)

Why was the volunteer "spoken to" instead of being "asked to leave"?

This kind of thing would not happen if ... (1)

Skapare (16644) | more than 2 years ago | (#40737385)

... we just get rid of the old legacy email system. What kind of black hatter still uses that spam infested crap.
