Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security

The Story of the tech.net.ru Crackers 231

Posted by CmdrTaco from the caught-iwth-your-pants-down dept.
tabdelgawad writes "The Washington Post is running a three-part story (Part 1, Part 2, and Part 3) detailing the events of the arrest of the two Russian crackers, Vasiliy Gorshkov and Alexey Ivanov, from a couple of years ago (See also Previous Slashdot Story 1 and 2). The writeup is light on technical details, but includes fascinating information about the crackers' socioeconomic conditions and motivations, as well as the competence and effectiveness of the FBI in combatting cybercrime."
This discussion has been archived. No new comments can be posted.

The Story of the tech.net.ru Crackers More

The Story of the tech.net.ru Crackers

Comments Filter:

  • True Patriot Act! (Score:3, Interesting)

    by sokkelih ( 632304 ) on Tuesday May 20, 2003 @08:13AM (#5997931)
    "crackers' socioeconomic conditions and motivations" These are the motives for terrorism.. Gues who is responsible for these things.
    • would care to enlight us on who is reponsible?

    • The indivduals who prepetuate the act (Score:1, Insightful)

      by Anonymous Coward
      Don't go off on one of the common, "it's all our own fault for causing the rest of the world so much pain."

      Wheter or not we (as in the United States, or any group there-in) don't live up to our own standards is irelavant to others actions. *Everyone* must be held accountable for what they do.

      The only motavation for terrorism is the will to cause terror.
    • If by "True Patriot" you are satirically indicting the "great patriots" of recent Russian history (ie communists) as most responsible for my nation's current economic difficulties then I salute you for astuteness. Otherwise, I shall just assume that like most of your Western ilk, you are simply naive, spoilt, and underinformed.

    • Re:True Patriot Act! (Score:5, Insightful)

      by gl4ss ( 559668 ) on Tuesday May 20, 2003 @10:15AM (#5998699) Homepage Journal
      terrorism spawns where political goals can't be met by other means (trying to get something into the public knoweledge or trying to force the majority into something else by terror, or by fighting the oppressing force using unconventional means that cause terror).

      common criminals spawn of poverty and possibilities, much like in usa too.

      however theres a very thin line between criminal and legal person russia.. chances are that to do ordinary business you will have to be at least partly criminal(bribe & etc).
  • A while ago, I knew a guy that got caught for piracy /hacking by the FBI... not pretty. I would use this article as a caution to anyone that thinks our government is incapable of action!

  • This was a great story. (Score:4, Interesting)

    by Anonymous Coward on Tuesday May 20, 2003 @08:14AM (#5997938)
    It highlights how oafish and ineffective the FBI can be. Read this story carefully. Want to illegally hack other people's computers and not get caught? Don't incur financial damage and the FBI will never chase you. Just ask Fyodor [slashdot.org].

    • Re:This was a great story. (Score:5, Insightful)

      by jandrese ( 485 ) * <kensama@vt.edu> on Tuesday May 20, 2003 @08:23AM (#5997996) Homepage Journal
      "Financial Damage" is a tough thing to define though. Some companies will claim millions of dollars lost to recover systems that have been hacked. How much actual financial damage did Kevin Mitnick cause?

      • Re:This was a great story. (Score:5, Interesting)

        by GMontag ( 42283 ) <gmontag@guymontag. c o m> on Tuesday May 20, 2003 @09:04AM (#5998214) Homepage Journal
        Actually, in the Mitnick case, there was a good helping of the FBI 'coaching' the firms on how to claim damage. IIRC, none of them came back to the FBI with what the FBI wanted to hear, so they were told to use full development costs as the damage estimate. Some of the accounts that I read, quite some time ago now, the folks having to deal with the FBI seemed to be getting fed up (hey! nuce pun! just noticed in preview) with the nonsense.

        This shady appraisal work was most glairing with the SUN damage estimate of >$20Million(?) for source code that could be purchased for much less and was given away free to educational institutions.

        Even though I have always advocated that Kevin should have done some time for his harassing phone calls to Shimomura, around 90 days, I have yet to see any true financial damages that he caused anybody.
    • Just the unauthorized presence in a machine is enough if the company wants to prosecute. All you have to do is 'alter a file', right? You know, like a log or history file? That's all it takes.
      • This comes up every time this kinda story gets posted.

        Even if you break into a machine and touch nothing, even logfiles, you are costing that company money.

        how? well that company has to do something about the hacked server (lots don't, they should) such as re-install, spend time fixing it, check logs, run extra checks on any other servers on the network. This all takes someones time and costs someone money.

        Think about it from a personal point of view, you start a webhosting company and your server gets o
        • how? well that company has to do something about the hacked server (lots don't, they should) such as re-install, spend time fixing it, check logs, run extra checks on any other servers on the network. This all takes someones time and costs someone money.

          Do you mean like when I leave the front door to my apartment open and someone comes in, leaves traces of his presence, takes nothing and leaves, I then have to remember to use the lock I have on the front door to begin with? Even (ghasp) remember to set t
    • Funny, I haven't seen any evidence that Fyodor did anything more than connect to an open X server on the public internet, that some poor troll left open. Where's the proof that he ever did anything that was actually illegal? (Actually, I haven't seen proof of him even doing anything at all.)

      When you're accusing someone of a crime you typically want to have proof.

      You also don't want to be someone that goes around posting fraudulent information.

      Since this whole thing starts off with the troll admitting

  • start-up (Score:5, Funny)

    by stonebeat.org ( 562495 ) on Tuesday May 20, 2003 @08:16AM (#5997962) Homepage
    didn't all dot-coms targetted the large US companies to con them out of money?

  • interesting paper (Score:5, Informative)

    by AbdullahHaydar ( 147260 ) on Tuesday May 20, 2003 @08:18AM (#5997971) Homepage
    This is an interesting paper [predictive.com] from Feb 2002 on which countries originate the most malicious attacks. (Russia doesn't even make the list)

    Google cached HTML version [216.239.51.100] of the paper.

    • Re:interesting paper (Score:5, Interesting)

      by Anonymous Coward on Tuesday May 20, 2003 @08:39AM (#5998073)
      Note that the US didn't make the list either, "because [US-based attacks] constituted such a large portion of the dataset"...

      • Re:interesting paper (Score:2, Insightful)

        by vinlud ( 230623 )
        Yeah, that's crazy!
        Hey, lets look to the backgrounds of people who walked on the moon, except Americans, they have such a large portion of the dataset.... :-?

    • My favorite quote for the lazy : (Score:5, Interesting)

      by aepervius ( 535155 ) on Tuesday May 20, 2003 @09:33AM (#5998409)
      U.S.-based attacks triggered nearly half (49%) of all the events in the 4th quarter. The U.S.-based events were not included in this study because they constituted such a large portion of the dataset and because the main focus of the study was on socioeconomic, political, and geographic patterns in the data. In order to better understand and predict the sources and nature of future attacks, data was col- lected and parsed for non-U.S. originating events.

      In other word, if you want to stop piracy and hacking, shut down the most [cyber]terrorist country : ther U.S.
      • Non US-based attacks constituted over half (51%) of all the events in the 4th quarter. This is indisputible evidence that if we want to stop piracy, hacking, and terrorism, the United States needs to subjugate all those other countries, here referred to as The Rest Of The World, and put them under our military command (like we're not doing to a country that will go nameless...

        Oh, wait. Never mind.
    • Top of the list (after the US...): South Korea

      Now, I really wonder how many of these so-called South Korea attacks where really originatin from there, rather than just using an open proxy located in South Korea. Personnally, whenever I go after an annoying spammer's broken .asp scripts, I always use a proxy (or several of them, chained together). And South Korea just has so much choice there. Russia has quite a number of open proxies as well, and makes for a quite convincing point of origin too!

  • You know, with this economic downturn, a lot of people might be tempted into doing stuff like this. You start on the legal side, but slowly start crossing the line...and with more and more of the world starting to jump on the e-bandwagon, it's really scary to think. It's not just hacking I'm thinking of but also of backdoors and malicious activites from within a organization (securit y inside an organization can be slack sometimes).

  • What about not stealing? (Score:5, Interesting)

    by POds ( 241854 ) on Tuesday May 20, 2003 @08:29AM (#5998025) Homepage Journal
    Say, instead of stealing credit card number or anything at all, they just left evidence on the computer that they were there (like they did).

    Could they still have been prosequted, or would anyone ever have bothered to bring it this far?

    Sounds like these guys could have made a business out of it, if only it was done right (not that im suggesting my suggestion was right :)).
    • You have always stolen something from a financial standpoint, in the eyes of the law (and probably as viewed by the owners of the machines you've hacked). This is because you have utilized machine time/cycles on the machines you broke in to. You did not pay for this time/cycles, the owners of the machine(s) have, so you are stealing something of value.

      This is how the argument goes. Just don't do it, it's dumb -- no smarter than jacking a car for a joyride. Nobody I know that wants to stay out of jail d

  • Economic conditions and crackers... (Score:5, Interesting)

    by jkrise ( 535370 ) on Tuesday May 20, 2003 @08:32AM (#5998035) Journal
    I think there is more to this than meets the eye. A recent notable case is that of the Pakistani who is said to have hacked the PassPort Password Reset bug aka feature. Poor chap hacks hotmail for a living? Or is it just the obvious (?) ter.... connection?

    Even granting that economic conditions lead to cracking, it should be interesting to see the effect in the US over the next decade. Already, the DMCA, oppressive MS licensing, litigious thugs (SCO - brought to you by MS) etc. are eroding the economic wealth of the US and putting more and more money into the hands of a few rich corporations.

    Countries outside the US are little affected by legislation as well as law-enforcement in the US. Piracy before, piracy in the future. The SCO case, even if settled in favor of SCO will have little impact in Europe, and nil or negative impact elsewhere across the globe. If any, it is likely to fuel further Linux adoption, courtesy the attention brought by the case.

    The net result of these trends could be the rapid impoverishment of the US, and the beneficiaries could be the rest of the world. The incentives for crackers to emerge in the US could be huge, in say, another 3 to 5 years - IF the hypothesis were true.
    • i will just assume that you are not a troll and try to discuss the matter in a civil way

      (?) ter.... connection

      you mean terrorism ? nah don't think so but maybe if you have some balls to talk a bit more clearly please?.
      now I live in a third world country and we are steadily migrating away from anything Microsoft anything you can pay for to an equivalent free solution, take out MS Office put Open Office, uninstall Adobe and pass that Gimp CD.
      So no need to piracy at all, we are all ethical here.
      • " you mean terrorism ?"

        Nah, I meant terrifc connection - clear?

        It's nice to know folks going Open Source to escape slavery from MS - and these effrots need to be commended. It is also a reality that HPaq and other Linux-loaded systems are formatted and loaded with the favorite OS by the masses. Ethical maybe (who'd think it's ethical to pay an American monopoly?), but still a subjective POV (point of view).

  • I'm yet to decide if this is good news or bad news. OSI's response seems to completely destroy SCO's filing... and they've found somebody we all love to hate [businessweek.com] to take up their cause.

    How many times have I heard (and said), "this is it!! this is what will take down microsoft" only to be dissapointed. This time, though...
  • Just wondering. Thought we gave up on this a while ago, but it appears some are still hanging onto this notion.

    I know I get blank, "deer in the headlights" look from co-workers and friends when I try to explain the difference of a hacker and a cracker. Finally I just gave up.

    I think they're moving toward "white hat" and "black hat" hacker terms now. But it's hard to keep up on this stuff. I mean, I still use the term "groovy"...so what do I know.

    • Re:We still fighting the "Hacker" vs "Cracker" war (Score:5, Insightful)

      by CurbyKirby ( 306431 ) on Tuesday May 20, 2003 @08:54AM (#5998150) Homepage
      Some of us are. Realistically speaking, usage dictates meaning. If everyone else in the world is going to think of hackers as malicious intruders, then so be it. Languages change over time, and computer jargon should be no different.

      I'm sure some people will fight for using the "correct terms." They are probably also zealots for their favorite text editor or Linux distro. I don't mind that they do it, but I won't do it myself.

      Fight the battles worth fighting for. Leave the H/Cr battle for someone else.
      • It's ignorance, plain and simple. The biggest computer experts, authorities, like ESR are saying that "hacking" is the wrong term. Looking at the history of hackers, he's right. So I think it makes sense for people to try and stop ignorance. Look at Paul McFedries and wordspy, yeah, google means to "search the internet", BS. The term google was not used before google came around, and people started using google to mean search google because it was the search engine you'd use to get the best results. He says

    • Funny thing, back in the day (my day - think Apple IIs and TRS-80s) we called anyone who mucked around in networks "hackers" (and it didn't occur to most of us that this could be malicious - you're just looking, right?). "Crackers" cracked copy protection and brought Tai Pan and Battlezone to the masses.

      Maybe it's a geographical thing.

  • Are Slashdot trolls odd or what ? (Score:5, Funny)

    by Rosco P. Coltrane ( 209368 ) on Tuesday May 20, 2003 @08:36AM (#5998057)
    This story is about russian hackers, and that's the only one where there's no "in soviet russia" post ...

  • Don't use Windows for mission critical applications where money changes hanges. Although these articles only mention it in passing, either in an attempt to remove technical "jargon" or due to a wish to defer to MSFT, it does mention that these guys exploited vulns in NT, and fails to mention that they exploited any other OS. Maybe it's blaming the victim, but why were these CIOs astonished when they were hacked? Best case is that it was lack of research on their part. Worst case it was plain stupidity. Nevertheless, MSFT isn't held accountable.

    On a related note, I was an indirect victim when they targeted an online shop that I purchased some stuff from (www.thenerds.net). Although I didn't lose cc info, the shop told me that my account was being held hostage unless they paid up. My response: I won't do business with them again, for depending on MSFT to secure their e-biz. I've also gone to a disposable Credit Card, which I recommend: www.mbnashopsafe.com.

    Bottom line: any "CIO" that depends on MSFT for e-biz security gets what's coming to him.
    • If you trust an online shop based entirely on the OS the server is running then.. err.. can I sell you stuff please?

    • Re:Moral of the story: (Score:2, Insightful)

      by RTMFD ( 69819 )
      Computer security is really a joke. Instead of venting your rage on MSFT, even though that might have been the platform of choice, the time to root on a lot of linux distros and Solaris boxes is pretty appalling too. I think the CC companies will hit the breaking point of paying up on all of these fraud claims and begin to demand better of the software industry.

    • Re:Moral of the story: (Score:5, Funny)

      by Glass of Water ( 537481 ) on Tuesday May 20, 2003 @10:09AM (#5998651) Journal
      As a sort of funny illustration, look at the picture on this page [washingtonpost.com], which shows the crackers' old dean, Lev Kazarinov, in his office. He has a Microsoft baner on the wall, and his monitor shows the blue disk checker screen you get when your Windows system crashes.

    • guh? (Score:2)

      by delmoi ( 26744 )
      Only the most amateur hackers would be stopped by using Linux rather then M$ software. Sure it's theoreticaly possible to connect a machine 'naked' to the internet, it will probably be insecure. Linux, Windows, or whatever. The proper way to setup a 'secure' network is to use whatever you want and put it behind a good firewall proxy (of course, you'll need to make sure any web-based systems are secure as well)
    • Don't use Windows for mission critical applications where money changes hanges. Although these articles only mention it in passing, either in an attempt to remove technical "jargon" or due to a wish to defer to MSFT, it does mention that these guys exploited vulns in NT

      Boy, are you ever right on this one! Thank god non-MS operating systems are completely secure [securityfocus.com]...
  • I know what these people have done has an over-all BAD feeling. But these guys obviously have an interest in it, and they obviously have a certain skill. Could governments start to hire these known hackers to defend themselfs...

    I mean, generaly, when interest and skills are combined, you get a good result. And by nature, i dont think these guys were really that bad.
  • ...if the crackers taste any good or not.

  • "commercial competition" (Score:4, Insightful)

    by deliasee ( 623516 ) on Tuesday May 20, 2003 @08:47AM (#5998113)
    As one of the Russian authorities pointed out, it basically boils down to "commercial competition" between the two countries. The disparity in our economies is manifested in the lack of law enforcement in Russia. People who have no other options use what they've got, and countries with bigger problems than a couple of their citizens trying to make some money (albeit illegally) have their hands tied. I think the more interesting question is how to resolve the problem in a manner that would help both sides; is the answer simply stamping out these people's skills and livelihoods?
    • How would you feel if some ghetto denizen wandered into your gated suburb, then proceeded to wander back out with your computer?

      Is that just "commercial competition" or is it just theft, plain and simple?

      Bank robbers, burglars, Enron execs, these Russian crackers - what do they all have in common? They steal things and as far as I'm concerned stealing is and should remain wrong.
    • Don't blame Russian socioeconomic situation for these guys' deeds. There are lots of IT workers in Russia, and I assure you they don't have to turn to crime in order to sustain themselves. Granted, the circumstances for these two guys might have been dire, but they deliberately preferred criminal activity to, oh horror, going broke and starting to seek another opportunity.
      • There are several sucessful software companies in Russia, this [www.avp.ru] and this [abbyy.ru] come to mind. The first one writes antivirus software, the second one office and OCR tools.
        It is possible to develop competetive software and make money in Russia, even maybe a little bit easyer than in the west, because most software developers are quite happy with 500 USD per month (this is 6000 USD per year!). The software can be delivered electronically to the clients so the company has much smaller expenses than a similar US compa

    • Re:"commercial competition" (Score:4, Interesting)

      by benzapp ( 464105 ) on Tuesday May 20, 2003 @10:53AM (#5998954)
      In many ways, it reminds of the American government basically refusing to enforce English copyrights in the 19th century. That was certainly commercial rivalry, but that whole revolution thing may play a part.
  • The tech.net.ru computers were meticulously organized to make the crimes as efficient as possible, investigators said. Each victim's information was kept in its own file; the hacking programs were placed in a folder labeled "badstuff."

    How meticulously organized!!
    Must be evil hackers!

  • FBI investigative methods (Score:5, Interesting)

    by asmithmd1 ( 239950 ) on Tuesday May 20, 2003 @09:00AM (#5998191) Homepage Journal
    It wasn't too hard to figure out who was responsible

    Ivanov was so bold he sometimes sent his résumé -- and even photos -- to prove that he was a serious security consultant. The documents listed his home phone number and detailed his previous experience

    I wonder if they could have tracked him down if he didn't send them his contact info

  • Short Version (Score:5, Funny)

    by bryanp ( 160522 ) on Tuesday May 20, 2003 @09:01AM (#5998200)
    He starts a business with the Best of Intentions.

    Local crime bosses go after him for protection money. "Hey, nice server you got dere. Be a shame if sumtin' happened to it."

    His employee suggests they raise the protection money by breaking in to American sites, steal CC #'s etc.. and offer to return the stolen data (?) and tell them how they did it. Raise protection money with protection money.

    "Hey, the FBI can't get us here. We're in Russia, not Wisconsin."

    FBI proves them wrong.

    No, I don't feel sorry for them. They're criminals. Send them to Federal pound-me-in-the-ass Prison.

    • Re:Short Version (Score:5, Insightful)

      by Anonymous Coward on Tuesday May 20, 2003 @10:50AM (#5998933)
      No one deserves to be raped. Shame on you for suggesting it.

      • Parent should be modded up (Score:5, Insightful)

        by Hobbex ( 41473 ) on Tuesday May 20, 2003 @11:32AM (#5999254)
        What kind of a barberous place has America turned into, when people getting raped as part of their imprisonment is considered not only acceptable (a ha-ha-ha standing joke for Letterman and Leno) but desireable?

        What other humiliating physical violence do we think criminals should be subjected to? Should the women get raped as well? Maybe this should be institutionalized, so we can be sure that all inmates get raped and violated in equal measure?

  • keyloggers (Score:5, Funny)

    by markov_chain ( 202465 ) on Tuesday May 20, 2003 @09:03AM (#5998206)
    I like this snippet:

    Unbeknownst to Gorshkov and Ivanov, the agents had installed onto the "company's" computers a program that logged the young men's keystrokes as they were accessing the tech.net.ru systems in Russia. That allowed U.S. law enforcement to obtain the hackers' passwords.

    0wned by FBI's keylogger, har har!

  • Slashvertisement for the FBI? (Score:3, Informative)

    by j-turkey ( 187775 ) on Tuesday May 20, 2003 @09:25AM (#5998360) Homepage
    as well as the competence and effectiveness of the FBI in combatting cybercrime.

    This is the first time I've ever heard a /. editor offer such praise for the FBI...ever.

    Could this possibly be a Slashvertisement for the FBI?

    --Turkey

  • Am I the only one who noticed that... (Score:5, Insightful)

    by LeoDV ( 653216 ) on Tuesday May 20, 2003 @09:28AM (#5998379) Journal
    The Washington Post calls them hackers and their activities hacking, while /. rightfully used the word cracker? I emailed them a slightly different version of RMS' letter you can find in the Jargon file [catb.org] (Appendix C [catb.org]). I've got no illusions about how effective it'll be, but I still feel it's something we should do more.
    • Actually, you're wrong.

      The term "cracker" was pushed in the recent past by the OSI movement in their efforts to distinguish "kernel hackers" from "system hackers". But long before this misinformation arose, it was "hacker".

      Unfortunately, due to an aggressive revisionist campaign by ESR, Slashdot, and others, they want you to use their term and have wrongly confused a lot of people (like you).
      • Of course I don't have first hand information, but I'm under the impression that the term "hacker" was coined in the 60's at MIT when they were screwing around with PDP computers, and was used in (so-called) hacker circles to refer to what the Jargon file describes as hackers until the term was hijacked by mainstream media.

        I know cracker technically only refers to a certain technique of security breaking (as opposed to say, phreaking) and was later broadened to security breakers in general, if that's what
        • See above.

          In underground circles long before ESR started his revisionist campaign, "crackers" referred to people who cracked software copy protection schemes.

          Hackers were "security breakers" as you say. This is why we have 2600: The Hacker's Quarterly, and terms such as HPAV (Hacking, Phreaking, Anarchy, Virus). History lends a much different picture than the one OSI folks are trying to push on us.
          • Those self-described `hackers' of the 80s were just that: self-described. They were kiddie who wanted to be like their betters, the real hackers, who were non-malicious programmers. The word `hacker' was first used in computing circles to mean, well, a hacker--only later was it corrupted by puerile crackers and a lackwit media.

  • Not so black and white.... (Score:5, Interesting)

    by pragueexpat ( 674635 ) on Tuesday May 20, 2003 @09:35AM (#5998431)
    I've been reading this story with interest, since I'm American, currently living in Prague, and recently visited Ukraine (OK, not Russia, but economically similar). The mafia is all over that place, and I have no doubt that these kids were being hassled for "protection money". Many homes in Russia do not even have hot water, so you can't think of this place as you would a western democracy - the people do anything to survive. Now, of course, this is no excuse for criminal behavior. However, I keep thinking - isn't it better that these guys are finding the cracks in your system and telling you about them, instead of just stealing all the credit card info and causing much more damage to your business in bad publicity and pissing off customers? This is really a catch-22. As a business owner, of course I don't want to encourage blackmail. But having vulnerabilities on your business site is YOUR problem and its better that you're told about them before someone else takes advantage. I would rather pay someone and find out about vulnerabilities than have someone else steal all my info and ruin my business reputation. Of course, these guys could just keep coming back for more money every month if they already have my CC#s and info. In that case, your server's vulnerability has cost you big time. Sorry, I don't have a good answer to this, but let's not let the business owners off the hook because they are being blackmailed from people who found mistakes in THEIR OWN servers. To sum up: Blackmail=BAD, businesses that don't secure their systems=ALSO BAD.
    • pragueexpat stated:

      and recently visited Ukraine (OK, not Russia, but economically similar). The mafia is all over that place, and I have no doubt that these kids were being hassled for "protection money"

      I beg to differ. Russia and Ukraine are very different in terms of economic and political situations. Ukraine has been totally looted by their political elite. There is no infrastructure left to mention at all. Ukraine is also a primarily agricultural country that has little industial presence at all (

  • Hmmm... Economics. (Score:4, Insightful)

    by paja ( 610441 ) on Tuesday May 20, 2003 @10:10AM (#5998657)

    This is just plain stupid. Connecting hacking with economical situation in any country is going nowhere. There are some countries, where You have to know what's going on before You start a company. And a bunch of guys living in such conditions should know about it.

    Just a rule of thumb: running a small family bussines in Eastern Europe means keeping it low. If You don't want to, just be sure You are big enough to face consequences.

  • Recently experienced the joy of credit thef... (Score:5, Insightful)

    by reynolds_john ( 242657 ) on Tuesday May 20, 2003 @10:30AM (#5998813)
    I hope these guys get the chair. Seriously. My wife and I are *very* careful online, and in all purchases - even so far as shredding all information before it goes into the trash.

    The last two weeks we've had identity/credit theft again.. the second time within a year. Let me tell you first hand, this is NO fun. I spoke with our Credit Union representative about this - she stated that members are being hit with this almost nonstop, and it only shows signs of getting worse. Even better, now (she stated) they have perfected forging other things like money orders and the like, which is on the rise as well.

    This hacking sounds "interesting" up to the point you've lived through it first hand. Now, I just want these guys caught and put away. However, the responsibility doesn't simply rest on their shoulders. Visa and other Banks should have the pants sued off them for giving the public such a laugh of security in the form of credit cards. Why lawsuits? Because once you hit their precious pocketbooks, they will finally take this stuff seriously. If the public truly understood the depth of how laughable the security is, I think they would experience mass account closures almost overnight.

    The ease of use of these things is apalling. Heck, once they have a number, how hard is it to get the rest of the data like address and phone? What a laugh.

    People - protect yourselves. I'm looking more into this: [Private Payments] [americanexpress.com]
    as a method of protecting my primary cards. If anyone else has suggestions, please let me know.

    • Identity Theft (Score:2, Funny)

      by veg_all ( 22581 )
      Take mine,...please.

      (don't mind the outstanding student loans)
    • Visa and other Banks should have the pants sued off them for giving the public such a laugh of security in the form of credit cards.

      If credit cards are so bad that someone should be sued for creating them, why do you use them? Let me guess: because it's convenient? While it's certainly inconvenient to live without a credit card in the US, since they're often used as a form of ID, it really isn't difficult to avoid USING your credit card.

      You're trying to shift the blame for your own laziness onto a compa

    • Wow. I'm pretty fast and loose with my CC info online and I've never been bothered by fraud of any kind. I'm still more worried (Which is to say, slightly worried) about some pissed off waiter snagging my CC info than I am about someone stealing it online.

      Kintanon

  • Favourite Quote (Score:2, Insightful)

    by CmdrGravy ( 645153 )

    "Morgenstern, meanwhile, was conflicted. He didn't want to pay any extortion fee but he was determined not to let the hackers ruin his company's reputation either. He was worried that news of even a minor break-in might spook customers. After all, E-Money was built on trust."

    Obviously criminals are bad etc, etc but if Morgenstern is running as he says a business that is built on trust and hasn't bothered to safeguard the security of his customers then he really is getting what he deserves. In many ways he

  • No sympathy for them (Score:4, Informative)

    by Brother52 ( 181351 ) on Tuesday May 20, 2003 @11:37AM (#5999289)
    There's absolutely NO PROBLEM getting a decent computer job in Russia, if you're any good. Decent programming skills will earn you enough to live on in virtually any city that's not small (Chelyabinsk is big). I'm a Russian, so I guess I know what I'm talking about.

    There's just that kind of people who are reasonably smart, but with ambitions far outweighting their creative abilities. These often become crackers. Living conditions just don't matter here.

    As to mafia demanding "protection money" - I really don't see it happening to a company that is barely afloat and works fully within the law. There're just lots of better targes. So I guess this was a consequence, not the cause.

Slashdot Top Deals

It isn't easy being the parent of a six-year-old. However, it's a pretty small price to pay for having somebody around the house who understands computers.

Close