Information Security, Ethical Hacking, website Security, Database Security, IT Audit and Compliance, Security news, Programming, Linux and Security.
Friday, 25 April 2014
FBI informant linked to foreign website hacking: Report
A hacker who became an informant for the Federal Bureau of Investigation (FBI) directed hundreds of cyber attacks against the websites of foreign governments, including Brazil, Iran, Pakistan, Syria and Turkey; the New York Times reported today.
It was unclear whether the FBI explicitly ordered the digital attacks, but court documents and interviews suggest ”that the government may have used hackers to gather intelligence overseas,” the Times wrote.
The figure at the centre of the case is Hector Xavier Monsegur, who had become a prominent hacker with the activist group Anonymous, which has staged cyber assaults on MasterCard, PayPal and other commercial and government targets.
Monsegur was arrested by the FBI and became an informant, helping the law enforcement agency identify other members of
Anonymous.
Monsegur instructed a fellow hacker, Jeremy Hammond, to extract data from a long list of foreign government websites. And then that information which included bank records and login details was uploaded to a server “monitored” by the FBI, the Times reported, citing court papers.
The vast target list for hacking added up to more than 2,000 Internet domains, including the Polish Embassy in Britain and the electricity ministry in Iraq, according to an uncensored court document cited by the Times.
Monsegur and Hammond had previously worked together to sabotage servers for Strafor Global Intelligence, an intelligence consultant firm based in Austin, Texas.
“After Stratfor, it was pretty much out of control in terms of targets we had access to,” Hammond told the Times in an interview from a federal prison in Kentucky, where he is serving a 10-year sentence for the Stratfor attack and other hacking.
Hammond said he and Monsegur learned of a vulnerability that could be exploited in web-hosting software called Plesk, which permitted back door access to thousands of websites.
A court sentencing statement said that Monsegur directed other hackers to pull data from Syrian government sites, including banks and various ministries, according to the Times.
“The FBI took advantage of hackers who wanted to help and support the Syrian people against the Assad regime, who instead unwittingly provided the US government access to Syrian systems,” said the court statement quoted by the Times.
Monsegur’s location is unknown and his sentencing hearing has been delayed repeatedly, fuelling speculation that he remains an informant for the US government, the Times wrote.
The report reinforces allegations that the US government has exploited flaws in Internet security to spy on foreign targets.
The FBI was not immediately available for comment.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment