“World’s #1 Hacker” site Hacked – Ligatt Security Breached

Ligatt Security, the home of Gregory D. Evans (self-proclaimed #1 Hacker), has been hacked and private company e-mail messages stolen. According to The Tech Herald, Ligatt was breached last Wednesday and over 80,000 company e-mails were released to the public.

Outrageous claims and questionable practises have made the company a target of a lot of ridicule over the years by numerous security professionals. Evans was even accused of plagiarism in his book, “How to Become the World’s No. 1 Hacker”. And according to The Tech Herald:

Not that long ago, Evans’ Twitter access was suspended for cyberbullying. Twitter took the action against him, after the addresses and personal information of those who are vocal critics appeared on his timeline. Ironically, the week Evans’s account was suspended, he was talking to school children about the threats they face from bullies on the Internet. His account access was returned after the messages were removed.

One would have to wonder about the wisdom of calling oneself the “World’s #1 hacker”. It just seems that it would open you up to a lot of unwanted attention. And to add insult to injury, the day of the hack was also Evans’ birthday.

The attackers may have had internal help. A letter was included with the 4 GB torrent file containing the e-mails.

The letter ends with:

To the brave soul who helped make this possible: thank you. You took
great personal risk to bring this information forward, and none of it
would be possible without you. It’s unclear how you tolerate his lies
day after day, but you’ve redeemed yourself by supporting this cause.

Finally, to Gregory D Evans: it is done. All your lies are out in the
open. Your investors will know. Your lawyers will know. Your employees
will know. Your mother will know. Your lovers will know. Just step away
and move on. Stop the stock scams. Stop the lawsuits. Stop the
harassment. Stop robbing your employees. Stop embezzling. Stop
deceiving every person in your life. When your child grows up and
learns about you, the only legacy you’ll be leaving is one of deception
and fraud.

Happy Birthday Mr. Evans

Cyber Arms Intelligence Report for February 4th, 2011

All eyes are on Egypt this week. Again, as turmoil hits a nation, the internet goes dark. Cell phone usage, though, was for the most part untouched. So Google, Twitter and SayNow put their heads together and found a way to allow Egyptians to post tweets via cell phone.

Oddly enough, the protests in Egypt have touched off controversy here in the US over Obama’s internet kill switch. Joe Lieberman and his co-sponsors are planning on introducing the Cyber Security and American Competitiveness Act of 2011 at the current session of Congress. The proposed legislation and the events in Egypt prompted the following statement:

“Our cybersecurity legislation is intended to protect the U.S. from external cyberattacks,” the statement says. “Yet, some have suggested that our legislation would empower the president to deny U.S. citizens access to the Internet. Nothing could be further from the truth. We would never sign on to legislation that authorized the president, or anyone else, to shut down the Internet. Emergency or no, the exercise of such broad authority would be an affront to our Constitution.”

Thank goodness for the Constitution. Time will tell if the “Kill Switch” is legitimized or not.

Microsoft is caught with its hands in Google’s cookie jar. Google suspected Microsoft’s Bing search engine was copying Google’s search results. When entering search terms in both engines, identical results were returned. So Google set up a trap:

From December 17 to December 31, engineers inserted a “honeypot” result as the top result for specific search queries — including, hiybbprqag, mbzrxpgiys, and indoswiftjobinproduction — and waited to see if the same results would appear on Bing. Lo and behold, the identical results popped up.

Microsoft responded by denying the accusation and requesting a third party investigate the incident. Yusuf Mehdi, Microsoft’s Senior Vice President of Online Services Division, said:

We do not copy results from any of our competitors. Full stop. We have some of the best minds in the world at work on search quality and relevance, and for a competitor to accuse any one of these people of such activity is just insulting.

Next the gloves came off and a full Twitter war of “yes you did”, “no we didn’t” responses began between Google and Microsoft employees – nice.

Microsoft also made headline news as another Internet Explorer vulnerability was found that put an estimated 900 Million users at risk.

In other news, CSC wins a $30 Million Air Force cybersecurity contract:

Under the terms of the contract, CSC will isolate, contain and prevent intrusive activities on the Air Force automated information systems and networks. In addition, CSC will plan, coordinate, analyze and report on the results of managed network intrusion detection systems and intrusion prevention systems.

And NATO begins implementation of Cyber Shield plan:

Deputy Secretary of Defense William Lynn is meeting this week with his NATO and European Union (EU) counterparts in Brussels to begin implementation of the alliance’s cybersecurity defense plan.

Lastly, a new purpose was found for unwanted text messages. Apparently, a wireless provider’s “Happy New Year” message set off a terror bomber’s suicide vest. The suicide bomber was thought to be with the same Jihad group that recently hit Moscow’s airport.

Other top stories from around the web:

White House Gets Average Grades on Cyber-Security
The National Security Cyberspace Institute (NSCI), which calls itself a cyber-space education, research and analysis group for public, private and academic entities, in January gave the administration middling grades on cyber-security in its report, Federal Government Cybersecurity Progress: Obama Administration Report Card 2009 – Present.

Show of Strength urged for Cyberwar
Military cyberwarriors are building up efforts to pinpoint the sources of foreign computer break-ins on U.S. networks and will need to demonstrate a major computer attack capability in the future to deter increasingly sophisticated threats, according to the outgoing commander of the U.S. Strategic Command.

2011 CyberSecurity Watch Survey: Organizations Need More Skilled Cyber Professionals to Stay Secure
More than 600 respondents, including business and government executives, professionals and consultants, participated in the survey. The survey is a cooperative effort of CSO, the U.S. Secret Service, the Software Engineering Institute CERT® Program at Carnegie Mellon University and Deloitte.

Russia Calls for Stuxnet Investigation
Late last week Russia’s envoy to NATO, Dmitry Rogozin, publicly called upon (more like demanded) NATO to conduct a thorough investigation into the Stuxnet computer worm that targeted the Iranian nuclear power plant, and stated that the incident could have triggered a “new Chernobyl.”

Busted Cybercrime Ring Targeted Apple Stores
Dozens of people have been charged with forming a prolific identity theft ring that used thousands of stolen credit card numbers to shop at Apple stores around the country, according to a court document and a law enforcement official.

Egyptian Protesters heard as Twitter and Google Team up

As Egypt has cut internet service, protesters are struggling to get their voice heard. Google, Twitter and SayNow have teamed up to allow protesters to post tweets via cell phone calls:

Callers in Egypt had three numbers to leave recorded messages, based in the United States (1-650-419-4196), in Italy (39-06) 6220-7294 and in Bahrain (973) 1619-9855.

Then the service will instantly send the recorded call as a Twitter message using the hashtag #egypt. They are subject to international calling charges, but Google and SayNow, which announced last month that it had been acquired by Google, are also exploring the possibility of setting up a local phone number in Egypt, someone close to the project said on Tuesday.

The tag #Egypt is going crazy right now. Within a few seconds there were almost a thousand new tweets.

Time will tell if the revolt will bring about democracy or a more radical government.

Very interesting idea, though, to bypass the Egyptian government’s internet ban. I am just curious how long it will be until cell phone service is cut.

Government and Military Website Access for Sale

Numerous government, military and educational admin accounts are for sale online. Security company Imperva discovered major websites had been hacked and site access was up for sale. Imperva revealed screenshots of the hackers’ website listing the compromised sites.

The site reads like a shopping list:

Looking for full admin access to a government system in Italy? $99
American government systems? $55 – $99
Army websites or National Guard? $399 – $499

The full site names that have been compromised are somewhat blocked out in the pictures on Imperva’s blog. But, according to an article on E-Week, the sites included the Department of Defense Pharmacoeconomic Center, the United States Army’s CECOM (Communications Electronic Command), the University of South Carolina Beaufort, and Utah’s State site.

Websites that were compromised have been contacted.

Compromised usernames, passwords and credit card numbers have been on sale by hackers for a long time. But this new wave of selling access to government and especially military sites is very disturbing. It was also recently found that hackers found a way to bypass government smart card security.

Obviously hackers are finding ways to compromise government systems. Our nation’s federal cyber security experts really need to take a step back and take a new look at securing government and Department of Defense systems.