Federal officials have accused a Dutch man of hacking into a New Hampshire-based game company, tampering with sensitive user data, and using the stolen source code to start a competing online game.
Anil Kheda, 24, of the Netherlands, began his hacking spree in November 2007 after one of his accounts was deleted from Outwar (an online role-playing game with 75,000 active players), according to documents filed in US District Court in New Hampshire. Prosecutors allege that two months later, he started a competing game called Outcraft using source code obtained from the hacked servers. The game earned Kheda at least $10,000 in profits. Over the next nine months, he allegedly continued the hacks and agreed to stop only if the hacked company—Portsmouth, New Hampshire-based Rampid Interactive—paid him money and provided other benefits.
According to prosecutors, Kheda claimed to have found vulnerabilities in Rampid’s network and the Outwar source code that allowed him to gain administrator access to the underlying functions of the game. His ability to repeatedly delete a user database seemed to indicate his claims were at least partially true. The tampering caused Outwar to go down for a total of about two weeks over the nine-month stretch, causing Rampid to incur more than $100,000 in lost revenue, wages, and other costs, according to prosecutors.
Why would a network engineer route all of his employer’s traffic through his home RoadRunner cable modem? “You can direct where your traffic is going, and we found out that he’d sent the traffic home to ensure that his routing patterns at work were correct,” Saccavino told InformationWeek in a recent interview. But after a week, Saccavino said, he’d forgotten to turn it off.
During the week or so in 2005 that all brokerage traffic was being piped through the home router, the data being sent by GunnAllen’s 200 or so employees included bank routing information, account balances, account and social security numbers, and customers’ home addresses and driver’s license numbers, says Roger Sago, a former Revere Group SQL Server database administrator who was working at the GunnAllen offices at the time. Sago was in charge of defining the data stream to and from Pershing (a unit of Bank of New York Mellon that provides prime brokerage and other services to financial services organizations), which involved thousands of transactions per day. “They transmitted it over the system, online, to the clearinghouse, and if anyone had access to that data … the ramifications would be huge,” Sago said. “There’s enough data there that a person could run off and live forever off of what they found.”
A US hacker who sold access to thousands of hijacked home computers has been jailed for 30 months.Joshua Schichtel of Phoenix, Arizona, was sentenced for renting out more than 72,000 PCs that he had taken over using computer viruses.Millions of PCs are enrolled in these networks, known as botnets, and many help to send out junk mail messages.Schichtels customers installed their own malicious software on the PCs to aid their own cybercrime efforts.
Making small talk with your pot dealer sucks. Buying cocaine can get you shot. What if you could buy and sell drugs online like books or light bulbs? Now you can: Welcome to Silk Road.