Topic: Hackers turn the tables on cops, hack police computers

[JackFrost]

It doesn't pay to brag if you're a cop.

Police officers in Australia found themselves on the receiving end of hackers they were trying to prosecute after leaving a password for their computers blank.

Hackers broke into police computers after police bragged that they had taken down a number of hackers in Brighton, Melbourne, on the website r00t-y0u.org. Trouble is, they didn't seem to protect themselves from their own targets. After getting search warrants to target the site's administrators, they found that the alleged hackers were already onto them.

The Sydney Morning Herald noted in an exclusive Tuesday:

    What the federal police did not know was that hackers had already cottoned on to their plan... (a) hacker wrote "I couldn't stop laughing" on seeing that the federal police's server was running Windows, which is known among hacker communities for being insecure. Police had also "left the MYSQL password blank".

    "These dipshits are using an automatic digital forensics and incident response tool," the hacker wrote. "All of this had been done within 30-40 minutes. Could of been faster if I didn't stop to laugh so much." ...

The hackers also mocked police for bragging about their sting, asserting that the police officers' claims were overblown.

    [One alleged] hacker slammed the federal police for "making it sound like they can bust 'hackers', when all they have done is busted a COUPLE script kiddies". "Script kiddies" is hacker parlance for novice hackers.

    The second of these messages contained several links to screenshots allegedly proving that the writer had access to the federal police's server.

    These included shots of files containing fake IDs and stolen credit card numbers, as well as the federal police's server information.

A posting on the r00t forum now alleges the site has been monitored and that all postings have been logged. But the tech site The Register suggests that the message has been posted by a hacker defacing the site, or as part of a mockery of the police's efforts.

"This underground form [sic] has been monitored by law enforcement - every post, private message and all registration information has been captured," the message reads. "All member IP addressed and have been logged and identification processes are now underway.

"The creation and distribution of malware, denial of service attacks and accessing stolen information are serious crimes," it continues.

"Every movement on this forum has been tracked and where there is information to suggest a person has committed a criminal act, referrals will be forwarded to the relevant authority in each jurisdiction," it adds. "There have already been a number of arrests as a result of current investigations. This message should serve as a warning not to engage in criminal activity."

-John Byrne

[ohcheap1]

Iiiiiiiiii'm speechless. Wow.

[laama]

Hackers are too arrogant in this case,they might get eat their own words.

[dweez]

I'm speechless too.  Those "hackers" are fairly lame themselves.  True hackers (which is a misnomer anyway since the term "hacker" actually references a "good programmer") would have done more and more subtly.  It both cracks me up and pisses me off at the same time at how ignorant (read as: uninformed, unknowing, not as "idiot" or "moron) people are of this internet subculture, oft times people who claim to be part of it themselves.

It's not the bragging hackers like those reported about that scare me.  It's the ones you never hear anything from that make me nervous.  The ones I think of when I look over security logs and think "Wait, this seems a little off but I'm not sure" that make me rebuild systems from scratch.

[smokester]

MySQL is meant to have a password set? 

golly!!

[Robin-Graves]

Smokey cursed!!!! Its one of the thirteen signs of the Slorg Rebelion!!!!!!


Oh well..
Ill tell you this much,, a real "hacker" will never be known as one.
Youll never hear them brag about anything even related.
Just because someone can spoof a password, build a randomizer to access passcodes, or run a "ghost program" doesnt make one a " hacker".

Ive learned Unix in the past, and according to some authorities that would put me on a " threat list" for hacking systems.
That doesnt make anyone a " hacker " ( or as I like to call them,, Information retrieval Specialists lol).
 Besides, hacking is wrong and illegal,, and should not be done.
Hackers are EVIL!!!  ( looking like im so damn inocent)

[JackFrost]

I'm glad that you guys saw the reason I posted this:

On both sides of the equation are morons.

[Discover99]

what a story  

i second dweezs' opinion

[laama]

MySQL is meant to have a password set? 

golly!!

[Robin-Graves]

I know a few today that try to pass themselves off as hackers just because they can fish passwords.
Takes more than that to be anything special.

[mishca09]

i soo loved the movie hackers.

[dweez]

I loved "Hackers" too but after being in the IT community for years, you see how ridiculous the "hacking" part of movies are.  Some of the stuff is sort of legit, like Trinity hacking in Matrix 2 and some of the stuff in Live Free or Die Hard, but the speed at which it is accomplished is pure BS.  Speaking of Die Hard, my wallpaper right now is a screen cap from the movie showing Justin Long's character using nmap to do SYN Stealth port scans on a couple IP Address looking for ports open for SSH (22TCP), web servers (80TCP), and DNS servers (53TCP).

You can see where other movies have used nmap at nmap's own site.

http://nmap.org/movies.html

[indie180]

Movies like HaXXXor Volume 1: No Longer Floppy with chapter's like "Naked Dumpster Diving" 

[laama]

I know personally few hackers and they don't be arrogant and they never release what they have done.

This case looks like few schoolboys are penetrated in to police systems with good luck and dump cops are helping them a lot.

[Robin-Graves]

True