Interview With A Convicted Hacker:
Results 1 to 5 of 5

Thread: Interview With A Convicted Hacker:

  1. #1
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003

    Post Interview With A Convicted Hacker:

    Interview With A Convicted Hacker: Robert Moore Tells How He Broke Into Routers And Stole VoIP Services.
    On his way to federal prison, the 23-year-old hacker says breaking into computers at telecom companies and major corporations was "so easy a caveman could do it."
    Or those ol' fashioned Point 'N Click script kiddies..

    Convicted hacker Robert Moore, who is set to go to federal prison this week, says breaking into 15 telecommunications companies and hundreds of businesses worldwide was incredibly easy because simple IT mistakes left gaping technical holes. Moore, 23, of Spokane, Wash., pleaded guilty to conspiracy to commit computer fraud and is slated to begin his two-year sentence on Thursday for his part in a scheme to steal voice over IP services and sell them through a separate company. While prosecutors call co-conspirator Edwin Pena the mastermind of the operation, Moore acted as the hacker, admittedly scanning and breaking into telecom companies and other corporations around the world.
    "It's so easy. It's so easy a caveman can do it," Moore told InformationWeek, laughing. "When you've got that many computers at your fingertips, you'd be surprised how many are insecure."
    Pena, who is charged with acting as a legitimate wholesaler of Internet-based phone services as part of what the government called a "sophisticated fraud," fled the country a year ago and is wanted as a fugitive. Assistant U.S. Attorney Erez Liebermann said Pena allegedly stole and then sold more than 10 million minutes of service at deeply discounted rates, netting more than $1 million from the scheme.
    Acting as the operation's technical muscle only netted Moore $20,000 of the haul, according to Moore.
    The government identified more than 15 VoIP service providers that were hacked into, adding that Moore scanned more than 6 million computers just between June and October of 2005.AT&T (NYSE: T) reported to the court that Moore ran 6 million scans on its network alone.
    However, the names of the companies Moore and Pena hacked into don't appear in the court documents--aliases are used instead--and Moore said he wasn't at liberty to identify them publicly.
    Liebermann noted that one small telecom went out of business because of expenses the company incurred during the break-in. The company legitimately routed its own VoIP traffic through a larger telecom and was forced to pay the other company for the calls that Pena and Moore fraudulently sent through their network. "They had to eat the bill and were unable to remain in business," added Liebermann.
    Default Passwords: A Hacker's Dream
    Moore said what made the hacking job so easy was that 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure. The biggest insecurity? Default passwords.
    "I'd say 85% of them were misconfigured routers. They had the default passwords on them," said Moore. "You would not believe the number of routers that had 'admin' or 'Cisco0' as passwords on them. We could get full access to aCisco (NSDQ: CSCO) box with enabled access so you can do whatever you want to the box. ... We also targeted Mera, a Web-based switch. It turns any computer basically into a switch so you could do the calls through it. We found the default password for it. We would take that and I'd write a scanner for Mera boxes and we'd run the password against it to try to log in, and basically we could get in almost every time. Then we'd have all sorts of information, basically the whole database, right at our fingertips."

    Continue the rest of the story at

    Rest Of Article.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    Default passwords yet again are the issue. It isn't that he may or may not be brilliant but rather that who he attacked was rather lazy and stupid when it came to simple security settings.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    It isn't that he may or may not be brilliant
    I don't have to worry about the position of the soap for the next two years

    that's "brilliant"

    And the other guy walks with a cool mil. ?

  4. #4
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Miami, FL
    I don't have to worry about the position of the soap for the next two years

    I bet he don't have to either. He is going to 'Federal' Prison not State Prison. If he went to state prison then yes I might agree with you. However, they will not throw his nerdy a$$ in *population* hell he will probably get a work camp program or in the 'hole' (isolation from population).

  5. #5
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Shawnee country
    "When you've got that many computers at your fingertips,
    you'd be surprised how many are insecure."

    Not me. After a year in an IT dep't whose budget has been butchered
    for so long, nothing surprises me. I've seen everything from two-month-old
    scanned bank transfers sitting on a public server to improperly secured
    WAP's. It's made me a bit jaded and rather sceptical that execs have much
    of a concept of managing IT.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

Similar Threads

  1. Ethical Hacking!
    By E5C4P3 in forum AntiOnline's General Chit Chat
    Replies: 33
    Last Post: January 16th, 2008, 11:40 PM
  2. Hacker Paper
    By Aden in forum AntiOnline's General Chit Chat
    Replies: 13
    Last Post: April 28th, 2004, 03:40 PM
  3. hacker being
    By Anatra in forum AntiOnline's General Chit Chat
    Replies: 4
    Last Post: March 31st, 2003, 11:48 AM
  4. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 07:38 PM
  5. how to be a hacker
    By TURBOWEST in forum The Security Tutorials Forum
    Replies: 4
    Last Post: September 23rd, 2002, 05:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts