Monday, 17 November 2014

Hacker Hammond's laptop protected by pet password

Former LulzSec member Jeremy Hammond - once the FBI's most wanted and charged with hacking security firm Stratfor - seems to have failed to prevent police accessing his laptop due to a poor password.
During a police raid in March 2012 he raced through a friend's Chicago home to shut and lock his laptop.
But the effort appeared in vain Hammond, 29, told the Associated Press, as his password was both short and likely predictable: 'Chewy123', taken from the name of his cat.
"My password was really weak," Hammond said from Manchester Federal Prison.
That password according to one password strength tool had 25.6 bits of entropy and was graded as very weak. It was made weaker still given that passwords of a personal nature made guessing easier.
Hammond, who was undone by fellow LulzSec hacker turned FBI informant Hector Xavier Monsegur, was sentenced to the maximum 10 years prison under his guilty plea deal.
Hammond says the Stratfor hack involved a dozen people, including the still-unnamed instigator. A cache of 5.2 million emails and account data on 860,000 people, along with 60,000 credit cards, leaked to the web.
It revealed alleged surveillance by the intelligence contractor on Occupy Wall Street protesters, explosive diplomatic and military allegations including that Israel and Russia exchanged drone and missile codes sold to Georgia and Iran, and corporate spying on activists.
Hammond recapped his motivations for his activism and later hacking of corporate and government infrastructure and pondered the harm brought by trained state-sponsored hackers considering the damage done by the small but talented LulzSec hacker outfit.
"If I was capable of doing these things on my own or with my team, what about a well-financed team that trained for years?"

No comments:

Post a Comment