geschonneck.com » Stories

Stealing Credit and Debit Card Numbers

Alexander Geschonneck — Wed, 14 May 2008 10:23:27 +0000

According to a US DoJ press release 3 crackers have been charged in a federal grand jury indictment and complaint with illegally accessing the computer systems of a national restaurant chain and stealing credit and debit card numbers from that system. They indicted for hacking into cash register terminals at several Dave & Busters restaurants at various locations around the US in order to acquire credit and debit card information with packet sniffers.

Full press release

Could have been worse?

Alexander Geschonneck — Tue, 13 May 2008 12:34:18 +0000

No, this time not in the UK. A cracker has posted some online databases containing personal information on 6 million Chilean residents. According to the Chilean technology blog Fayerwayer.com, the cracker, who calls himself “Anonymous Coward” posted three compressed files of data that included names, addresses, telephone numbers and taxpayer identification numbers for Chilean residents. Doh.

nice geeky captchas

Alexander Geschonneck — Sun, 23 Mar 2008 12:57:21 +0000

If you are good at math, you wont have problems signing in at the Ruđer Bošković Institute Quantum Random Bit Generator.

CAPTCHA = Completely Automated Public Turing test to tell Computers and Humans Apart

illegal migrants in security jobs

Alexander Geschonneck — Sun, 16 Dec 2007 16:43:17 +0000

A couple of weeks ago I read an british article about the fact, that thousands of illegal migrants may have been working for private security companies in the last three years in the UK. Badly enough, that up to 5,000 people without a proper background check and with unverified criminal records may infiltrating the industry. My thoughts about this story: What if the government starts to “blackmail” the illegal migrants?

WTF is Microsoft doing with the Last Access Timestamp on Vista?

Alexander Geschonneck — Tue, 20 Nov 2007 07:52:11 +0000

I recently discovered, that Microsoft destroyed a most valuable digital forensics evidence source on NTFS filesystems with Vista. The default registry key value for HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet \ Control\FileSystem\NtfsDisableLastAccessUpdate is now “1″, which means no last access timestamp will be written at all. On Windows XP and Windows 2000 the key was “0″ on default. Microsoft ddeid it likely for performance reasons and made the investigators instantly half blind with this silly decision. Well, now the computer forensics tool vendors have to digg deeper into NTFS TxF . Me too.

WabiSabiLabi founder jailed

Alexander Geschonneck — Mon, 12 Nov 2007 18:08:23 +0000

The WabiSabiLabi founder was jailed, not for putting a bidding system for exploits online, but rather on spying charges. Italian news media reported that Roberto Preatoni was arrested on Nov. 5 and charged with unauthorized access to computer systems and wiretapping. According to this news reports, Preatoni’s problems stemmed from penetration-testing work on Telecom Italia’s information security system that he was doing as a contractor. Members of his former company have been also charged with intercepting communications and spying on Carla Cico—the Italian-born CEO of Brasil Telecom—the Kroll investigative agency, and a couple of journalists.

Well, I’ll keep checking on this story.

via eWeek

Fun with Airline Media Systems

Alexander Geschonneck — Fri, 01 Jun 2007 08:57:40 +0000

During my flight back from California to Berlin, the inflight entertainment system gone wild. It runs on Windows CE and I accidently managed to reboot the media client. This is its reboot information.

Loading via Xmodem:

Getting IP config and the boot image via TFTP:

Starting Windows CE:

Welcome screen:

Assess It All, Or Lose It All

Alexander Geschonneck — Tue, 13 Mar 2007 10:51:02 +0000

Security Monkey published a good case study about evidence seizure and what happens, if you forget to asses all relevant system data after a security incident occurs.SecurityMonkey’s conslusion should be printed bold: Exclude pieces of your systems from assessments with care.

via

Scammin the ATM machine

Alexander Geschonneck — Mon, 19 Feb 2007 16:47:33 +0000

I know, no news, but this british TV report shows how ATM skimming works and they have some real devices too.

Direct link to the video

should law enforcement hack?

Alexander Geschonneck — Sat, 17 Feb 2007 07:37:17 +0000

In Germany we have an ongoing discussion about the question: should police or law enforment hack? Germany’s supreme court determined this month that police may not secretly hack into suspects’ computers. F-Secure made a quick poll on this issue (I guess not in the law enforcement community):

After analysing all answers, F-Secure stated: “Germans were the least approving of police using hacking techniques, while Britons were the most willing.”

Not surprising.

via

Industrial Espionage in practice

Alexander Geschonneck — Sun, 26 Nov 2006 14:47:58 +0000

Earlier this year I caught a cleaner with its hands in the cookie jar. Dumpster diving photographic evidence is here, here and here. Read my full report

in German on digital-forensics.de

Stealing Money from a ATM using a MP3 Player

Alexander Geschonneck — Sat, 25 Nov 2006 19:34:44 +0000

According to TIMES a fraudster outwitted sophisticated banking security systems by using an ordinary MP3 music player to bug cash machines and steal customers’ credit card secrets.

The fraudster or other gang members would use MP3 portable music players to record data transmitted from free-standing ATM cash machines. The data was then converted to readable numbers using a separate computer programme.

The phone line running from the machine to an ordinary BT white socket was unplugged and a two-way adaptor inserted. The MP3 player was then placed between the ATM machine’s output cable and the phone socket.

The player would record the tones, which resemble the kind of sound emitted by a fax machine.

[...]

The gang targeted freestanding ATM machines in bars, bingo halls and bowling alleys.

Here is a picture from TIMES:

via Times Online