Nov 25 2008

Julie Amero Spyware Case Finally Comes To An End

It’s a sad case when someone loses their career over an incidnet which was outside of their control, not everyone can be expected to keep their computers free of spyware and malware.

It just doesn’t happen.

Unfortunately for Julie Amero, she got some porn pop-ups at the wrong time in a class full of students.
If you aren’t familiar with the case you can read-

The Wiki entry – State of Connecticut v. Julie Amero.[http://en.wikipedia.org/wiki/Julie_Amero]
Julie Amero’s blog – [http://julieamer.blogspot.com]

On Friday, prosecutors reached a plea agreement with the former Connecticut schoolteacher who at one time faced up to 40 years in prison after being convicted of endangering minors. The charges stemmed from a 2004 incident in which a computer loaded with spyware displayed pornography to her students.

State prosecutors dropped four felony charges of “risk of injury to a minor” against her, with Amero pleading guilty to a disorderly conduct misdemeanor, according to the Hartford Courant.

A jury convicted Amero of the felony charges in January 2007, but the presiding judge in the case, Hillary Strackbein, set aside that verdict five months later, essentially granting Amero a new trial.

Amero will pay a US$100 charge and have her Connecticut teaching credentials revoked, said Sunbelt Software CEO Alex Eckelberry, who led the team of computer investigators that analyzed the school’s computer and concluded that Amero was innocent.

“The stress of this thing,… it just totally freaked her out,” Eckelberry said Friday. “For four years she’s been sitting there with this thing hanging over her.”

“It’s disappointing that it wasn’t dropped, but on the other hand I’m happy she got her life back,” he added.

Amero had become a cause celebre to computer security professionals who argued that she was an innocent victim of spyware programs that took control of a poorly configured computer on Oct. 19, 2004, at Kelly Middle School in Norwich, Connecticut, where Amero had been a substitute teacher.

Source : Network World

http://www.networkworld.com/news/2008/112208-spyware-case-finally-closed-for.html?fsrc=rss-security

Nov 24 2008

PyKeylogger – Simple Python Keylogger

PyKeylogger

PyKeylogger is a free open source keylogger written in the python programming language.
It is currently available for Windows (NT/2000 and up), and Linux (using Xlib, so won’t work on the console).
It is primarily designed for personal backup purposes, rather than stealth keylogging. Thus, it does not make explicit attempts to hide its presence from the operating system or the user.

Features :
* Log all keystrokes to disk, to a delimited data file
* Automatically archive logfiles to dated zips
* Automatic log rotation
* Automatically send zipped log archives to specified email address[es] (works with any SMTP server, including GMail and Yahoo Mail secure SMTP servers)
* Takes a partial screenshot, centered at the location of every mouse click.
* Automatically flush write buffer to disk, to minimize data loss in the event of a crash
* Very customizable, through configuration with a .ini text file
* GUI (graphical) control panel for settings and actions (this is now the recommended way to change settings)
* Password protection of control panel
* Passwords are obfuscated in the configuration file, to prevent casual snooping
* Automatically delete log files older than specified age

Download :
http://downloads.sourceforge.net/pykeylogger/pykeylogger-1.0.4_win32.zip

More Info :
http://pykeylogger.sourceforge.net/

Nov 22 2008

Teen Hacker Confesses Three-year Crime Spree

Teen Hacker Confesses Three-year Crime Spree
DDoS, botnets, SWAT calls, bomb threats, credit fraud……

A juvenile hacker with a reputation for stirring up trouble in online gaming groups has admitted to multiple computer felonies, including cyber attacks that overwhelmed his victims with massive amounts of data and the placing of hoax emergency phone calls that elicited visits by heavily armed police teams.

Known by the online handle of Dshocker, the 17-year-old Massachusetts hacker also admitted he breached multiple corporate computer systems, called in bomb threats and engaged in credit card fraud. The defendant, who was identified only by the initials N.H., pleaded guilty to charges in court documents that included one count each of computer fraud and interstate threats and four counts of wire fraud.

Dshocker is best known in hacker and gaming circles as the miscreant said to have perpetrated a series of attacks on members of myg0t, an online confederation dedicated to cheating and disrupting play in online games such as Counter Strike. He also unleashed attacks on other well-known hackers, according to online accounts.

According to federal prosecutors in Boston, Dshocker has since 2005 controlled “several” botnets comprising “tens of thousand [sic] of infected computers” used to carry out distributed denial of service (DDoS) attacks on his victims. In January, he turned his attention to a practice known as “swatting,” in which he made hoax 911 calls that falsely reported violent crimes were underway. On at least several occasions, the calls prompted visits by armed police.

To fool police, Dshocker spoofed his phone number so it appeared to originate from a victim who was located thousands of miles away. He obtained the victims’ numbers and addresses by breaking into the computer systems of their internet service providers and accessing subscriber records. Charter Communications, Road Runner, and Comcast are among the ISPs he broke into.

One call falsely reporting a violent crime in progress was made in March to the police department in Seattle. Another in April was made to police in Roswell, Georgia. Both calls originated from a phone located in Dshocker’s home town of Worcester, Massachusetts. He also phoned in a false bomb threat at one school and the presence of an armed gunman at another.

Dshocker didn’t limit his illegal hacking to settling grudges with fellow gamers. From 2005 to earlier this year, he used stolen credit card information to make fraudulent purchases. He also managed to gain free internet access by stealing proprietary software from a large, unnamed electronics company and then using it to modify his cable modem.

Dshocker agreed to the imposition of an 11-month sentence of juvenile detention. Had he been tried as an adult, he could have faced a maximum of 10 years in prison and a fine of $250,000.

Source : The Register
http://www.theregister.co.uk/2008/11/19/dshocker_pleads_guilty/

Nov 20 2008

Sitemeter Hack – Hide Visual Tracker (Counter)

Sitemeter

Sitemeter, one of the best traffic counter for websites/blogs, it shows online users, Referrals (From where people coming to your site), country locations, browser etc etc.. all in detail.

This counter is visible to all visitors.
Invisible Counters (Tracker) is available for Premium Accounts Only…!

But you can easily hack to hide it.
Its just few setting changes which will work fine.

1) Login into your sitemeter account.
2) Go to ‘Manager’ from top menu.
3) Go to ‘Meter Style’ option from left hand menu.
4) Select 2nd last meter style (Counter, which shows simple numbers).previewmeter
5) Now in “DIGIT COLOR” select ‘Transparent’, Similarly in “BACKGROUND COLOR” select ‘Transparent’.
6) DONE.

Now your sitemeter counter is invisible from normal eyes in your site
Place it anywhere in your website/blog, and track your traffic, users.

Enjoy…..!

Nov 19 2008

Ophcrack – Windows Password Cracker

Ophcrack

What is Ophcrack?
Ophcrack is a free Windows password cracker based on rainbow tables.
It is a very efficient implementation of rainbow tables done by the inventors of the method.
It comes with a Graphical User Interface and runs on multiple platforms.

Features :
* » Runs on Windows, Linux/Unix, Mac OS X, …
* » Cracks LM and NTLM hashes.
* » Free tables available for Windows XP and Vista.
* » Brute-force module for simple passwords.
* » LiveCD available to simplify the cracking.
* » Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
* » Free and open source software (GPL).

Latest Release : Ophcrack 3.1.0

Download :
http://ophcrack.sourceforge.net/download.php?type=ophcrack