Archive for May, 2013

Romanian hacker aims to protect world’s ATMs

1297417874355_ORIGINAL
Valentin Boanta (bottom, R) watches TV in his cell at the Vaslui penitentiary, 340 km northeast of Bucharest May 15, 2013.

VASLUI, Romania  – Valentin Boanta, sitting in his jail cell, proudly explains the device he has invented which, he says, could make the world’s ATMs impregnable even to tech-savvy criminals like himself.

Boanta, 33, is six months into a five-year sentence for supplying gadgets an organized crime gang used to conceal ATM skimmers, which can copy data from an unsuspecting ATM user’s card so a clone can be created.

He said he had started to make the devices for the sheer excitement of it and denies ever planning to use them himself, saying he only sold them to others.

Boanta says his arrest in 2009 and trial brought contrition, as he realized the impact of his actions and felt an urge to make amends. It also brought the former industrial design student a flash of technical inspiration.

“When I got caught I became happy. This liberation opened the way to working for the good side,” Boanta said.

“Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction,” he said. “So that the other part, in which I started to develop security solutions, started to emerge.”

It was during his trial that he got down to work. The stage for Boanta’s product pitch these days is the book-lined cell in the northeastern Romanian town of Vaslui he shares with five pickpockets and burglars.

“All ATMs have ageing designs so they are prone to vulnerability, they are a very weak side of the banking industry,” he said.

“Every ATM can be penetrated through a skimming crime. My security solution, SRS, makes an ATM unbreachable.”

Boanta says his “Secure Revolving System-SRS” can be installed in any ATM. It allows the bank card to be inserted longer side first and then rotates it to prevent skimmers being able to lock on to the magnetic data strip. The system returns the card to its user with a reverse rotation.

Outwardly it is a trapezoidal metallic box around 6 inches long with the card slot in the middle.

The SRS, funded and developed by a technology firm near Bucharest called MB Telecom, is patented and won an award this year at the International Exhibition of Inventions in Geneva. The inventor and company are not yet saying how much it will cost, but insist it will be available soon.

“He fully deserves such recognition,” said SRS co-inventor and MB Telecom president Mircea Tudor. “He’s taking part in improving Romania’s image abroad and he’ll surely join our team when released.”

Romania has a deep well of technical expertise stemming from the time of communist dictator Nicolae Ceausescu, who backed computer research and technical education.

Digital piracy flourished after his violent overthrow in 1989, as people who could not afford proprietary products bought cheap copies instead.

Romanian hackers stole about $1 billion from U.S. accounts in 2012, according to the U.S. embassy in Bucharest. A report by Verizon said Romania was the world’s second-biggest hacking centre after China. The FBI has even set up an office in Romania and helped to train specialist police agents.

Shetland hacker to be sentenced for LulzSec role

2453461989

Jake Davis leaves Westminster Magistrates Court at an earlier appearance.

A GROUP of young British computer hackers who considered themselves to be “latter-day pirates” masterminded sophisticated cyber attacks on major global institutions including the CIA, Sony, the FBI and Nintendo from their bedrooms, a court heard yesterday.

Jake Davis, from Lerwick in Shetland, along with Ryan ­Ackroyd, Mustafa al-Bassam and Ryan Cleary were “hactivists” with the LulzSec collective that stole sensitive personal data including e-mail, online passwords and credit-card details belonging to millions of people.

News International, the NHS and the UK’s Serious Organised Crime Agency (Soca) were also victims of the group, who lived as far apart as London and the Shetland Islands and did not meet in person.

Stolen information was posted unencrypted on their website and file-sharing sites such as ­Pirate Bay in 2011, London’s Southwark Crown Court heard.

They also carried out distributed denial of service (DDoS) attacks, using linked networks of up to one million computers to overpower and crash websites.

Their activity collectively cost their targets millions of dollars and potentially left millions of people at risk from criminals, the court heard.

Prosecutor Sandip Patel said the group, a spin-off from ­Anonymous, had been motivated by a desire for publicity rather than financial gain.

But he said they were “not naive to the risk that confidential data might be misused”.

“It’s clear from the evidence that they intended to achieve extensive national and international notoriety and publicity,” he said. “They saw themselves as latter-day pirates.”

He added: “This is not about young immature men messing about. They are at the cutting edge of a contemporary and emerging species of criminal ­offender known as a cyber ­criminal.”

Davis, 20, from Lerwick, Shetland, used the alias Topiary and was LulzSec’s main publicist.

He and al-Bassam had previously pleaded guilty to hacking and launching cyber attacks on a range of organisations, including the CIA and Soca.

Cleary, 21, of Wickford Essex, known as ViraL, pleaded guilty to the same two charges plus four separate charges including hacking into US air force agency computers at the Pentagon.

Davis, who faces possible extradition to the US, has completely turned his life around since being arrested, his barrister Simon Mayo QC said.

The Canterbury-born, Shetland-raised hacker was an isolated depressed teenager who fell under the spell of a “misguided ideology”, he said.

But since his arrest, he had found work in London as a scriptwriter, also writing for the Observer newspaper about his time with Anonymous and ­taking part in a documentary.

LulzSec existed only for a few months in the first half of 2011, the court heard. But it built up a huge international profile, with 355,000 Twitter followers.

It probed websites looking for security weaknesses to exploit.

Attacks such as those on Sony and Nintendo harvested massive amounts of private data.

Sony lost details relating to 26.4 million customers, the court heard.

LulzSec also carried out a F*** FBI Friday attack on the US law enforcement agency and Wipeout Wednesday, which took down the CIA.gov website.

The Arizona State Police were also targeted because of the state’s perceived racist policy towards immigrants, the court heard.

News International was targeted too, with visitors to the Sun website redirected to a spoof story about Rupert Murdoch taking his own life.

Some attacks, were less serious, the court heard.

A sexual health clinic in Newham, east London, was simply warned about security flaws because the group “liked” the National Health Service.

Return top

What is the HiddenSpider.net

The HiddenSpider.net is a website dedicated to alternative Hacker culture and underground technology. HiddenSpider.net focus on black hat, news, software and developments in the insider world of hackers. HiddenSpider is about and for the rebels and anarchists of the new digital frontier.