Arrested

Melbourne man Paul Sant has been charged with unauthorised broadcasting over to pilots over radio bands restricted to aviation users, causing one plane to abort a landing to Tullamarine Airport.

Sant, 19, is alleged to have placed 16 separate transmissions to pilots at Tullamarine and Avalon airports between 5 September and 3 November.

He faces up to a maximum 20 years jail.

The Rockbank man and one-time employee of airline Virgin Australia has been charged with four counts of endangering the safety of aircraft and one count of interference likely to endanger safety.

Media report Sant's lawyer told the court he has been diagnosed with autism and depression without medication.

Australian Federal Police (AFP) confirmed to Vulture South Sant is not alleged to have "hacked" any aviation system, contrary to reports, but merely used broadcasting equipment to make transmissions to pilots in contravention of aviation security laws.

Aviation transmission kit on eBay

Aviation transmission kit on eBay.

Aviation transmission gear capable of communicating with pilots can be bought online for around AU$ 200.

Enthusiasts regularly tune into the broadcasts which are sent unencrypted meaning no hacking is required to make transmissions.

The AFP’s crime operations head acting assistant commissioner Chris Sheehan says aviation security laws are "robust".

“The current security measures in place for the airline industry are robust, and the traveling public should be reassured we are treating this matter appropriately,” Sheehan says.

“These incidents were thoroughly investigated by the AFP with the technical support of Airservices and the Australian Communications and Media Authority. ®

Sponsored: Customer Identity and Access Management


The Register - Security

Two teenagers suspected of being members of the Lizard Squad and PoodleCorp hacking groups were arrested last month by law enforcement authorities in the United States and the Netherlands.

Zachary Buchta, of Fallston, Maryland, and Bradley Jan Willem van Rooy, of Leiden, the Netherlands, have been charged with conspiracy to cause damage to protected computers, which carries a maximum sentence of ten years in prison.

The suspects, both aged 19, have been accused by U.S. authorities of operating a service that allowed users to launch distributed denial-of-service (DDoS) attacks. They are also suspected of trafficking payment card information stolen from thousands of individuals.

The Lizard Squad and PoodleCorp are best known for massive DDoS attacks that disrupted the servers of several gaming companies, including the PlayStation Network, Xbox Live, EA and Blizzard. The Lizard Squad is also known for hacking the websites of companies such as Lenovo, Malaysia Airlines and Cox.

According to the Department of Justice, Buchta used the online monikers [email protected],” “pein,” “xotehpoodle” and “lizard,” while van Rooy used the nicknames “Uchiha,” [email protected],” “dragon” and “fox.”

The FBI’s complaint also mentions two other individuals associated with Lizard Squad and PoodleCorp. They have not been named, but they use the online monikers “Chippyshell” and “AppleJ4ck.”

The complaint also shows that Buchta was linked by investigators to the @fbiarelosers account, which had discussed the DDoS attacks in private conversations with other members of LizardSquad, based on messages sent via Twitter. Records obtained by investigators from Twitter, AT&T and Sprint linked the Twitter account to a phone number associated with Buchta’s residence.

Records from Comcast showed that his IP often connected to an overseas VPN service that had been used to access the @fbiarelosers account and the websites operated by Lizard Squad and PoodleCorp. The FBI determined that Buchta’s Comcast account had accessed the @fbiarelosers account at the exact time when it had been used to discuss DDoS attacks.

Van Rooy, who is currently in custody in the Netherlands, did not even bother to hide his real IP address, which he used to access @UchihaLS and other Twitter accounts associated with the Lizard Squad. Subscriber records allowed law enforcement to link the IP to a residence in Leiden.

In private conversations with other Twitter users, @UchihaLS said he lived above a police station and claimed that even if they could trace him, they would simply “think it as a hoax.” These messages and a photograph shared by @UchihaLS linked van Rooy to the account.

Last year, police in the UK questioned at least two individuals suspected of being involved with the Lizard Squad, but so far there is no news of a conviction. A teen in Finland, also suspected of being a member of the group, was convicted last year on fraud and harassment charges, but he only received a suspended sentence.

Authorities in the UK also arrested six individuals accused of using the Lizard Squad’s LizardStresser DDoS service.

Related: UK Crime Agency Website Downed by Hackers as Revenge

view counter

Previous Columns by Eduard Kovacs:

Tags:


SecurityWeek RSS Feed

Two Israeli nationals suspected of operating a highly profitable DDoS service were arrested last week in Israel following an investigation conducted by the U.S. Federal Bureau of Investigation (FBI).

Security blogger Brian Krebs reported on Thursday that the operators of a so-called booter service named vDOS had earned more than $ 600,000 in the past two years by launching 150,000 distributed denial-of-service (DDoS) attacks on behalf of their customers.

vDOS, whose DDoS services can be rented for between $ 20 and $ 200 per month, is believed to have been around since 2012. The service’s profits were at one time laundered through PayPal, until its operators switched to Bitcoin payments.

Krebs investigated the service and its operators after someone hacked vDOS and gained access to its databases, configuration files, and real IP addresses. Evidence uncovered by the journalist showed that two Israeli nationals named Itay Huri and Yarden Bidani were likely behind the booter.

Roughly coinciding with Krebs’ report, Israeli news websites announced that Huri and Bidani, both aged 18, had been arrested. The suspects were taken into custody on Thursday, after Israeli police was informed of their activities by the FBI.

On Friday, Krebs’ website was targeted in a DDoS attack that peaked at nearly 140 Gbps. It’s possible that the attack was conducted via vDOS by Huri and Bidani since both suspects were bailed on Friday.

Authorities seized their passwords and placed them on house arrest for 10 days. They have also been banned from using the Internet and any telecom equipment for 30 days.

Huri and Bidani, who are said to have used the aliases P1st and AppleJ4ck, don’t appear to have put too much effort into protecting their real identities, or to hide their interest for DDoS attacks. The two recently published a technical paper on DDoS attacks on the website of Israeli company Digital Whisper. Furthermore, Bidani’s personal Twitter profile lists vDOS as his website and shows a tweet about the Pentagon’s site being down due to a DDoS attack in March 2015.

The vDOS website, hosted at vdos-s.com, is currently offline. Krebs has learned that a security firm called BackConnect Security hijacked its Internet addresses in an effort to stop an attack aimed at its networks.

Related Reading: Two Men Arrested in U.S. for Hacking Emails of Top Officials

Related Reading: Nigerian Behind $ 60 Million Online Fraud Network Arrested

view counter

Previous Columns by Eduard Kovacs:

Tags:


SecurityWeek RSS Feed

Andrew Otto Boggs, aka INCURSIO, and Justin Gray Liverman, aka D3F4ULT, were arrested on charges related to their alleged roles in the computer hacking of several senior US government officials and US government computer systems.

hacking senior US government officials

According to charging documents filed with the court, Boggs and Liverman conspired with members of a hacking group that called itself “Crackas With Attitude.” From about October 2015 to February 2016, the group used social engineering techniques, including victim impersonation, to gain unlawful access to the personal online accounts of senior US government officials, their families, and several US government computer systems.

In some instances, members of the conspiracy uploaded private information that they obtained from victims’ personal accounts to public websites; made harassing phone calls to victims and their family members; and defaced victims’ social media accounts.

At least three other members of the conspiracy are located in the United Kingdom and are being investigated by the Crown Prosecution Service.

Boggs and Liverman will have their initial appearances at the federal courthouse in Alexandria next week in front of US Magistrate Judge Theresa Carroll Buchanan.


Help Net Security

Two men suspected of belonging to a network that hacked the emails of top American officials including CIA chief John Brennan were arrested Thursday in North Carolina, the authorities announced.

Andrew Otto Boggs, 22, and Justin Gray Liverman, 24, are accused of taking part in a group of hackers nicknamed the "Crackas With Attitude," a Justice Department statement said.

Members of the network illegally accessed the personal data of the officials and their families between October 2015 and February 2016, downloading private information and then publishing it on public sites or harassing their victims by telephone, according to the department.

At least three members of the group reside in Britain, where they are under investigation, the department said.

Boggs, who uses the alias "INCURSIO," and Liverman, who goes by "D3F4ULT," are to appear next week before a federal court in Virginia to answer to the charges.

In October 2015, the WikiLeaks organization published documents drawn from Brennan's personal emails. He expressed "outrage" over the cyber-attack, saying he had not been irresponsible in his use of a personal email account.

Police in Britain investigating the matter, in February arrested a 16-year-old student suspected of involvement.

CNN and the technology website Motherboard reported at the time that the targets of "Crackas With Attitude" included top CIA officials like Brennan, as well as senior figures in the FBI, the Homeland Security Department, the White House and other federal agencies.

In January, the US director of national intelligence James Clapper said that he, too, had been the victim of cyber pirates who had gained access to the personal account he used for internet and telephone service, managing even to intercept phone calls from his home, Motherboard reported. 

view counter

© AFP 2016

Tags:


SecurityWeek RSS Feed