Password Hackers Do Big Business With Ex-Lovers 197
Hugh Pickens writes "The Washington Post reports that disgruntled lovers and spouses considering divorce are flocking to services like YourHackerz.com that boast they have little trouble hacking into Web-based e-mail systems like AOL, Yahoo, Gmail, Facebook and Hotmail. The services advertise openly, and there doesn't appear to be much anyone can do about it because while federal law prohibits hacking into e-mail, without further illegal activity, it's only a misdemeanor, says Orin Kerr, a law professor at George Washington University. 'The feds usually don't have the resources to investigate and prosecute misdemeanors,' says Kerr. 'And part of the reason is that normally it's hard to know when an account has been compromised, because e-mail snooping doesn't leave a trace.' It's not clear where YourHackerz.com is located, but experts suspect that most password hacking businesses are based overseas."
Re:So wait... (Score:1, Funny)
You mean people actually still think that web-based, free emails are secure?
But of course they are, they have the big pictures of padlocks on the front page... and you even get that certificate popup thing, that means it's SUPER secure!
Re:RTFS (Score:4, Funny)
Text of the Article (Score:3, Funny)
Password Hackers Are Slippery To Collar
By Tom Jackman
Washington Post Staff Writer
Monday, September 7, 2009
When Elaine Cioni found out that her married boyfriend had other girlfriends, she became obsessed, federal prosecutors say. So she turned to YourHackerz.com.
And for only $100, YourHackerz.com provided Cioni, then living in Northern Virginia, with the password to her boyfriend's AOL e-mail account, court records show. For another $100, she got her boyfriend's wife's e-mail password. And then the passwords of at least one other girlfriend and the boyfriend's two children. None had any clue what Cioni was doing, they would later testify.
Cioni, however, went further and began making harassing phone calls to her boyfriend and his family, using a "spoofing" service to disguise her voice as a man's. This attracted the attention of federal authorities, who prosecuted Cioni, 53, in Alexandria last year for unauthorized access to computers, among other crimes. She was convicted and is serving a 15-month sentence.
But such services as YourHackerz.com are still active and plentiful, with clever names like "piratecrackers.com" and "hackmail.net." They boast of having little trouble hacking into such Web-based e-mail systems as AOL, Yahoo, Gmail, Facebook and Hotmail, and they advertise openly.
And, experts said, there doesn't appear to be much anyone can do about it.
"This is an important point that people haven't grasped," said Peter Eckersley, a staff technologist for the Electronic Frontier Foundation in San Francisco. "We've been using e-mail for years, and it's been insecure all that time. . . . If you have any hacker who is competent and spends the time and targets you, he's going to get you."
Federal law prohibits hacking into e-mail, but without further illegal activity, it's only a misdemeanor, noted Orin Kerr, a law professor at George Washington University and a former trial attorney in the Justice Department's computer crime section.
"The feds usually don't have the resources to investigate and prosecute misdemeanors," Kerr said. "And part of the reason is that normally it's hard to know when an account has been compromised, because e-mail snooping doesn't leave a trace."
Every state has laws roughly similar to the federal computer laws, Kerr said, and rate the offenses as misdemeanors.
Not long after Gov. Sarah Palin of Alaska was named the Republican nominee for vice president last year, someone hacked into her personal Yahoo e-mail accounts. And as the election neared, someone at George Mason University hacked into the e-mail of the school's provost and sent a schoolwide e-mail saying the election date had been changed.
"Web Based email password hacking or cracking is one of our all time favourite and unique hobby," write the folks at YourHackerz.com. It's not clear where YourHackerz.com is located, but experts suspect that most of the businesses are based overseas. "We will provide you with the original Passwords. No questions asked whatsoever. Payment only after you are CONVINCED. 100% guarantee of Cracking. Total privacy of your information. No legal hassles."
At SlickHackers.com, they boast, "We are professionals interested in helping serious people for whom an email password would mean saving their marriage, knowing the truth, preventing a fraud, protecting their family/job/interests only when conventional ways and normal procedures do not work."
All the services advertise that they will e-mail a screenshot of the target's in-box or even send an e-mail from the target's e-mail as proof that they've cracked the password. The customer then sends payment. One service, whose fee is only 20 British pounds (about $33), then responds with the script from a scene from a Shakespeare play, with the stolen password hidden in the copy.
E-mail inquiries to several of these services did not elicit any responses.
The FBI cannot police the Internet, a spokesman said. "The FBI is aware of these illegal services," spok
Password hints (Score:5, Funny)
What is your girlfriend's name? Let's see the wife try to guess that one.
ha (Score:2, Funny)
Re:RTFS (Score:3, Funny)
... a good reason to keep your lover gruntled.
Re:RTFS (Score:2, Funny)
Re:RTFS (Score:5, Funny)
"Hello, Student Loans Company, do you have a reference number?"
"Yes, L238BNM"
"Could you tell me the fourth letter of your mother's maiden... hmm... I'm sorry sir, I think there's a problem with the system, please--"
"Is it a hash symbol?"
"Er... yes. And the first letter of your first pet's name?"
"The number 8"
"That's correct."
Re:RTFS (Score:4, Funny)
Here is a sample of the kinds of answers that I am thinking about using. Of course, those are not the actual imaginary answers which I will be using. I will not tell any of my future girlfriends or my imaginary answers. These are roughly the types of answers that I might decide to use.
My mother's maden name was Van Bopeep-Tinkerbell.
I was born on Booth Island in Antartica.
I graduated from Elephant Island Prep School in Antartica.
My favorite place is Needles, California.
My first dog was a pitbull/timberwolf mix named Fluffy-foofoo Jr.
My first car was a 1923 model E Doble Steam car.
My favorite food is road-kill packrat stew.
My favorite color is infra-red.
Of course passwords should not be something too easy to guess. Personally, I prefer to use the first letter from each word in a short sentence, to create a pass phrase. To make the pass phrase easier to memorize, I try to make the sentence as humorous or bizarre and easy to visualize as possible. If it rhymes, so much the better. If punctuation is allowed in the password, I have also found an easy to remember trick on how to include a few punctuation symbols, as well as mixing in both upper and lower case letters. Just in case I ever forget, I keep a short backup list of those in my safety deposit box at the bank.
By the way, I still use an old-fashioned pop type email account instead of an web-based email account.
Re:RTFS (Score:3, Funny)
If I ever found a female customer service rep that knew what a "hash" is I'd drop a marriage proposal on the spot.
What if she knew what an octothorpe was?
Re:RTFS (Score:3, Funny)
So, if you forget your password, you recover it with another password that you can't remember?