Russian Gangs Play Hack the Admin

  1. #1
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246

    Russian Gangs Play Hack the Admin

    Why go after end-users when you can ensnare them all in one fell swoop?

    Russian Gang Hijacking PCs in Vast Scheme - The New York Times

    As part of his investigation, Mr. Stewart charted the rate of computer infections at a state police agency and a large hotel chain. Both were victims of an outbreak that began after the gang obtained the password and login information of their network administrators. In both cases hundreds or thousands of computers were infected within minutes or hours.

    Mr. Stewart would not name the organizations because of the continuing law enforcement investigation.

    In these examples as well as a range of others, the gang infected a machine belonging to an administrator and then used Microsoft administrative tools to infect all the computers for which that person had responsibility, Mr. Stewart said.

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Makes perfect sense to me. The admin probably had the ability to disable certain AV signatures on a wide basis too. Seems like it would have been a very efficient hack.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    “Many corporations seem to think it’s O.K. to be infected several times a month.”
    Oh yes - Try telling a company to jack up their AV or security and it goes in one ear and out the other. Even if they are infected, if they are running at a productive level they couldn't care.

    Black Hat Briefings computer security conference that begins Thursday in Las Vegas.
    Maybe one of you guys can catch em :P

    The new attack is a byproduct of the way modern computer networks are administered, where authority is centralized and software updates for thousands of machines are automated.
    So is he saying the old conventional way of each PC having its own admin password is the best security, so if one PC is infected the rest are safe until they are cracked?

    Thanks for the article
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  4. #4
    Junior Member
    Join Date
    Nov 2004
    Posts
    18
    Quote Originally Posted by Cider
    Oh yes - Try telling a company to jack up their AV or security and it goes in one ear and out the other. Even if they are infected, if they are running at a productive level they couldn't care.
    I can't tell... sarcasm?

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    More cynical I would have said, but unfortunately true.

    There are numerous organisations that accept malware infections as a matter of course, so long as it does not affect their operations dramatically or drop them into regulatory compliance difficulties. They tacitly allow employees to surf the net, run P2P applications, visit their social networking sites and access their private e-mail accounts.

    So is he saying the old conventional way of each PC having its own admin password is the best security, so if one PC is infected the rest are safe until they are cracked?
    I don't think so. In those environments there was always a super administrator account. Pretty much the same as compromising the network administrator and central updating mechanism.

    There is also bad stuff that crawls over the network with "system" rights?

    Part of the issue might be that the nature of malware has changed? These days it is very commercial, criminal and stealthy. If we were still in the days of viruses with malicious payloads and worms that choked your bandwidth bringing whole businesses to a halt, then I think that management attitudes would be rather different.

    Another thought is that the way we use computers has changed. We now have thin clients, network applications and web-based applications as commonplace. Basically the more you communicate and the more ways in which you do so, the more doors you leave open.

    When I repair or upgrade a machine I routinely scan it for malware, and it is amazing the amount of stuff that I find that the owner just isn't aware of because it doesn't have any noticeable effect on their computer usage... other than maybe it running a bit slower?
