Zone-H often deals with identity theft. We use to explore methods, vulnerabilities and particular cases that could lead to such frauds in order to inform our audience on the invaluable damages that they could provoke to normal people.
But maybe, no theory or analysis can be as much effective as the words of people who has been victim of an identity fraud. No technical statistics can be more clear than the rage emerging from the story of an innocent man whose family, job and life were destroyed because his personal details were stolen in 1998, while he was shopping on-line on a legal and popular website.
The following story was published few days ago in ORE EXPOSED website . Both the website and the story refer to Operation Ore , an enquiry carried out by British Police against digital crime. Operation Ore was launched in the UK in May 2002, when UK authorities claimed they had the names of 7,272 UK citizens who had paid to view on-line child pornography. Hundreds of people were involved and many of theme were completely innocent, as the enquiry itself demonstrated later .But in the meantime, they lost everything, and someone lost his life as well.
Hew Raymond Griffiths, a British national living in the Australian city of Bateau Bay, after spending almost four years in prison in his native country and after being extradited to the USA, is now about to face a process and eventually a conviction.
The accusation is infringement of the law on copyright. Being processed in the USA, Mr. Griffiths risks up to 10 years in prison and a half– million-dollars fine.
Griffiths was arrested in 2003 because of a warrant emitted by Australian institutions under the request of the American Department of Justice.
The news has been booed by the blogosphere and harshly criticized by magazines that deploy the intromission of US Government in the Australian System of Justice.
The debate on wireless security in Internet cafes keeps burning…
Internet users were recently warned about dangers linked to wi-fi hotspots in Internet cafes, including Starbucks.As reported by Times Online , cyber pranksters base their attacks on the technique of “evil twin attack”, which is a different name for “man in the middle attacks”, where users are diverted to a malicious connection that is controlled by the attacker through a laptop. So, the attacker is allowed to get any kind of Information on users and their activities, and to commit identity frauds.
The digital fight against terrorism is getting more and more sophisticated. Due to the increasing of threats, governments from all over the world are enhancing their efforts to detect terrorists both online and in real life, in order to stem risks.
An example come from the USA, one of the countries that are most under the threat of terrorist attacks, where a high-level task force was introduced to monitor, detect and wipe off terrorist cells in homeland territory.
According to the Hartford Courant , this task force presented yesterday a 34 pages report to a Senate Committee, where they focus on the fact that “it’s not only hard to stop extremists from using the Internet to communicate and plot their next moves, but the government is lagging badly in efforts to curb such activity”.
Few days ago, the website Microsoft IEAK was victim of a defacement. The website promotes the “Internet Explorer Administration Kit”, a toolkit that allows to “deploy and manage Web-based solutions,” and to “learn how to tailor a custom browser to meet customers’ needs,” the website says.
The attacker is known by the handle Cyber-Attacker (cyb3rt), he is from Saudi Arabia, and he is not new to such activities. He is the one who carried out to a XSS attack against one of Zone-H staff members, stole his administrator password and by this mean defaced Zone-h English website.As reported by the attacker, the page contains a SQL Injection flaw in the Login field, by which he got to execute arbitrary sql commands and inject the html content that altered the page of Microsoft IEAK web site.…