How a hacker mocked a criminal who stole his PC
Hacker under the nickname Zoz spoke at the conference Defcon 18 with a 20-minute story, as he was able to detect the desktop, stolen a year ago. The story is really unusual ( presentation slides , video (see from 3:15)).
Zoz has been tracking for months when components with serial numbers appear at auctions somewhere, but without success. The DynDNS service account (domain binding to a dynamic IP address) also showed no signs of life. After 30 days, they sent a letter that if you want to keep your account in the mode of inactivity, then you need to buy an upgrade to the Pro version. In October 2009, Zoz did it - and luck turned his face.
May 7, 2010 in the DynDNS account there was a strange record.
')
Zoz made a query to the DNS ...
... after which he successfully logged in to his own computer via SSH.
Then the fun began. On his native Mac OS X desktop, he immediately discovered several new files and folders. It was a Realm of Warfare game, unemployment benefit files, and a bunch of personal photos. But this was not enough, so I had to put a keylogger on the machine.
Soon passwords were obtained from all sites that the victim visits. As it turned out, his name is Melvin Guzman. Interestingly, on all sites he had the same password guzman85.
Zoz found out a lot of interesting things about the new owner of his computer, including the full contents of his mailbox, photos of his naked girl, PayPal payments, Internet banking password, access to Facebook profile and, most importantly, home address.
Further was a matter of technology (the police call decided everything).
Zoz has been tracking for months when components with serial numbers appear at auctions somewhere, but without success. The DynDNS service account (domain binding to a dynamic IP address) also showed no signs of life. After 30 days, they sent a letter that if you want to keep your account in the mode of inactivity, then you need to buy an upgrade to the Pro version. In October 2009, Zoz did it - and luck turned his face.
May 7, 2010 in the DynDNS account there was a strange record.
')
Zoz made a query to the DNS ...
... after which he successfully logged in to his own computer via SSH.
Then the fun began. On his native Mac OS X desktop, he immediately discovered several new files and folders. It was a Realm of Warfare game, unemployment benefit files, and a bunch of personal photos. But this was not enough, so I had to put a keylogger on the machine.
Soon passwords were obtained from all sites that the victim visits. As it turned out, his name is Melvin Guzman. Interestingly, on all sites he had the same password guzman85.
Zoz found out a lot of interesting things about the new owner of his computer, including the full contents of his mailbox, photos of his naked girl, PayPal payments, Internet banking password, access to Facebook profile and, most importantly, home address.
Further was a matter of technology (the police call decided everything).
Source: https://habr.com/ru/post/110754/
All Articles