Saturday, December 25, 2010
Gather round and hear the story of how a hacker outsmarts a criminal. [Zoz] was robbed and they got his desktop computer. Gone, right? Nope. Because of a peculiar combination of his computer’s configuration, and the stupidity of the criminal, he got it back. He shares the tale during his Defcon 18 talk (PDF), the video is embedded after the break.
[Zoz's] first bit of luck came because he had set up the machine to use a dynamic DNS service, updated via a script. Since the criminal didn’t wipe the hard drive he was able to find the machine online. From there he discovered that he could SSH into it, and even use VNC to eavesdrop on the new owner. This, along with a keylogger he installed, got him all the information he needed; the guy’s name, birth date, login and password information for websites, and most importantly his street address. He passed along this juicy data to police and they managed to recover the system.
[Thanks Ferdinand via Gizmodo]
Filed under: cons, security hacks