The folks from Wired have inspired us to write an article about the hacks that made a lot of headlines but in the end turned out to be fakes. Yes, we know that 2012 is not over yet and we’ll probably see other fake “epic hacks,” but let’s take a quick look at what has happened so far.
Chronologically, the first – back in February - was the one where Anonymous hackers threatened to take down the entire Internet by attacking the 13 root DNS servers. News websites from all over the world picked up the story and experts started arguing about the validity of their claims, but in the end it turned out to be nothing more than a threat.
At the beginning of June, rumors started circulating that 130 zero-days were leaked from French security firm VUPEN. The company’s CEO and Head of Research Chaouki Bekrar immediately denied the unfounded claims.
They allegedly gained access to the account by social engineering one of the employees. Mark Monitor denied being breached, but there was one even more important clue that indicated that UGNazi was, at least partly, lying.
The hackers provided Softpedia with the emails that demonstrated the fact that the staffer in question admitted to being duped. However, after closely analyzing the emails, we determined that they were sent by the hackers themselves using a spoofing service and not by a real Mark Monitor employee.
On June 19, the world learned that a hacker called Reckz0r was claiming to have gained access to the systems of 79 banks. It had later turned out that the information he had leaked was actually stolen from other, older hacks.
However, at the time, most media outlets picked up the story, Mastercard and Visa – the companies he initially claimed to have breached – launching investigations to verify if their systems had indeed been penetrated.
A few days later, on June 22, Twitter experienced an outage. Almost immediately, the then-infamous UGNazi collective took credit for the downtime.
The social media company blamed a “cascading bug” for the incident, denying that hackers were involved. UGNazi were known to take down important websites with DDOS attacks, but taking down Twitter certainly wouldn’t be as easy as taking down the website of the State of Washington.
Moving forward to August 16. On this day, a hacker who claimed to be “the man behind Anonymous” took credit for breaching the Sony PlayStation Network. However, the information he published – allegedly the details of 10 million customers - appeared to be taken from older breaches.
Finally, on August 20, the collective known as R00tBeer Security Team claimed to have penetrated the networks of Philips. The electronics company and security researcher Janne Ahlberg investigated the claims and determined that the details they published online were actually the same as the ones leaked in February when the organization really suffered a breach.
So that’s about it so far. In case we forgot about an incident, let us know and we’ll be sure to add it to the “fake hacks of the year” piece we’ll write at the end of 2012.
Via: Epic Hacks of 2012: Fakes, False Rumors and Unfounded Threats
Tidak ada komentar:
Posting Komentar