June 11, 2007

Stupid hacker tricks

Looking to enter a life of cybercrime? Beware the boneheaded miscues of these infamous cyberschnooks

The annals of crime are rife with tales of heists pulled off by enterprising criminal minds. But for every caper carried out with style and smarts, there are hundreds of imprisoned examples of the boneheaded desperado -- guys too greedy, too hasty, or just too brain dead to pull off their nefarious deeds without getting caught.

[ Young, dumb, and busted: Part 2 of our "Stupid hackers" series exposes the folly of youth ]

You might be tempted to believe online crime would be the exception. After all, it takes a more sophisticated criminal mind to perpetrate a complex phishing scheme than to, say, rob a bank while chatting on a cell phone. But as any IT pro knows, the more complexity you add to a system, the more likely it is that system will fail in unanticipated ways. The same rule applies to criminals who employ complex webs of technology to further their misdeeds. And besides, despite their reliance on technology, cyberoutlaws are not robots themselves. More often than not it's what makes them human -- greed, an inflated ego, loose lips -- that ends up getting the better of them.

[ For more IT-related idiocy, check out Stupid user tricks and More stupider user tricks redux | Talkback: Share your tricks ]

So, if you're responsible for protecting your company's electronic assets, or you're considering that long-fantasized career change to the Dark Side, we've compiled a short list of the dumb and the dumber: infamous hackers and scammers and the tricks they tried to pull. Any security professional worth his or her salt should be able to avoid these kinds of schemes. But if you fell (or fall) for one, you're by no means alone: to badly mangle P.T. Barnum, there's a cybersucker born every millisecond.

Jeanson James Ancheta: Don't take a (memory) dump where you eat
Sven Jaschan: Beware the bounty hunter in gym class
Christopher William Smith: The upper limit of enhancement
Robert Alan Soloway: A spammer by any other name
Jan de Wit: Say my name, worm
Alexei Ivanov and Vasily Gorshkov: Here's how I steal passwords, officer




Andrew Brandt writes about computer security when he's not analyzing malware at his day job.

Sign up to receive Security Resource Alerts

Subscribe to the Security Central Newsletter

The one-stop resource center for IT professionals.

White Paper

CA Security Management Solutions

A comprehensive security management solution can help you streamline, as well as grow, your current or evolving business. In this way, a strategic security approach can help you increase your competitiveness in these challenging market conditions.

Download now! »

White paper

Beyond Compliance: The Significant Benefits of Log Management

Find out how you can effectively collect, normalize and archive enterprise-wide, security-related data that is invaluable for security investigation and compliance reporting.

Download now! »

Webcast

Integrated Identity Compliance: Enabling Cost-Effective Role-Based Compliance

This session focuses on the intersection of role management and identity compliance, and addresses the importance of identity compliance in enterprise governance and the challenges that organizations may face in achieving it.

View now! »
©1994-2009 Infoworld, Inc.