lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Jan 2004 23:46:56 -0600
From: Jimi Thompson <jimit@...ealbox.com>
To: Gadi Evron <ge@...tistical.reprehensible.net>
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re: [Fwd: [TH-research] OT: Israeli Post Office break-in]


My favorite lately was the attempted compromise of the linux kernel 
that's currently in development.  Apparently the "backdoor" was a 
whopping 2 lines of code.

I've seem some other things lately that makes me think that the recently 
issued kernel may already be compromised.  I'm hoping I'm wrong about that.

Jimi

Gadi Evron wrote:

> I thought this story might interest some of you. See forwarded message 
> below.
>
>     Gadi Evron.
>
>
> Date: Sat, 10 Jan 2004 19:23:15 -0800
> From: Gadi Evron <ge@...uxbox.org>
> To: th-research
> Subject: [TH-research] OT: Israeli Post Office break-in
>
>
> Mail from Gadi Evron <ge@...uxbox.org>
>
> This is completely off-topic, but very interesting.
>
> Apparently there was a break-in in a branch of the Israeli Post Office.
>
> The offenders placed a wire-less gateway connected to a switch inside,
> and through it stole a few tens of thousands of Shekels in the few days
> they were in operation (the Israeli Post Office is a sort of a small 
> bank).
>
> They only managed to run this operation for a few days.. I guess people
> noticed that contraption connected to their switch. Although it looks
> very much like a legit piece of hardware.
> Another option is that someone talked too much, or they were already
> under investigation.
> I find it hard to believe that they were located due to the break-in to
> the network itself, as crude as it was.
>
> Once again we get a glimpse into a far smarter world of computer related
> crime. Always makes me wonder about what *else* is out there, that we do
> not hear about.
>
> Last item I heard of was the theft of Face Recognition servers holding
> terrorism-related databases from an Australian airport. There was the
> Industrial Espionage bit using Trojan horses as well.
>
>     Gadi.
>
> -
> TH-Research, the Trojan Horses Research mailing list.
> List home page: http://ecompute.org/th-list
>



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ