True tales of (mostly) white-hat hacking

Stings, penetration pwns, spy games -- it's all in a day's work along the thin gray line of IT security

By Roger A. Grimes, InfoWorld |  Security

The incident didn't end there. I contacted the originator of the email and gave him some ill-achieved props. I had noticed he was bragging about his exploit on an IRC hacker channel and spreading his creation to dozens of websites. I told him that Microsoft was working on a fix and all the AV companies were releasing signatures. Needless to say, he wasn't happy.

He then tried to hack my personal computer network, having acquired the IP address from his initial backdoor Trojan. He launched every malicious attack anyone could think of at the time, including DDoS attacks. When he couldn't break into my network, he began attacking people and companies I did business with, using my IP address. For example, the hacker was successful in getting Apple to ban my IP address from connecting to its networks, preventing me from picking up new music from iTunes. No amount of emails with Apple would fix the problem, and eventually I was forced to get another IP address from my ISP.

I investigated the hacker, reading emails he had posted in a few hacker forums and on legitimate websites. What I found was that he was an overly zealous high school kid in the Midwest who thought he was a better hacker than he really was. Even "his" zero day was created by someone else. He just passed it along and claimed credit.

After a few more weeks of computer attacks, I sent him an email asking him to stop. He was surprised I had his email address. I responded with his real name, high school, and mailing address. I politely asked that he stop hacking me. He responded by launching even more attacks and attacking more companies using my new IP address. He was getting annoying. It was time to turn the tables.

I figured out what firewall he used to protect himself. I remembered having seen that it had recently had a remote buffer overflow announced in a public forum. This next step probably isn't legal, but I used the buffer overflow to break into his computer. I created a batch file with commands that would format his hard drive the next time he rebooted, except I remarked out (REM'd) the lines so they would not take affect. I then sent him an email and told him of this "kill" batch file that I had placed on his local hard drive.

He was stunned. I told him that there were lots of smart hackers in this world and he wasn't the only one who knew how to get onto other people's system. I then politely asked that he stop attacking not only my system, but anyone's system, and to turn his curiosity into legal ends. He agreed. As far as I know, he didn't do any illegal hacking anymore.


Originally published on InfoWorld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

Ask a Question
randomness