Jump to content
Nytro

Secret Service laced honeypot with seduction to catch hackers

By Nytro, in Stiri securitate

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

[h=1]Secret Service laced honeypot with seduction to catch hackers[/h]Ba, cititi...

By Darlene Storm

June 11, 2012 1:37 PM EDT

The Ultimate Guide to Social Engineering [PDF] states “social engineers offer free gifts of favors” counting on the fact that reciprocation is a human impulse. An example is to give a “plate of cookies,” but what if the bait goodies were more along the lines of a plate of nookie?

We don’t often hear too much about U.S. Secret Service cyber investigations, but since its beginning in 1865 the USSS mission had to evolve from “its original counterfeit currency investigations to also include emerging financial crimes.” The 2011 Verizon Data Breach Investigation Report [PDF] included data from 257 Secret Service cybercrime investigations. In fact, the agency is extremely good at getting the job done and frequently investigates electronic crime, data theft and security breaches. But what if hacking the hacker was less high-tech, less about following a cyber-trail, and more about good old-fashion seduction to find a chink in the cybercrook’s armor? USSS social engineering using sex as bait helped lure Romanian hackers to America where two men were immediately arrested upon their entry to the United States.

Last December in a multimillion-dollar scheme, four Romanian hackers were charged with hacking point-of-sale (POS) systems which targeted more than 200 U.S. merchants including 150 Subway restaurants. The indictment said they remotely scanned for vulnerabilities in POS computer systems, guessed or used password-cracking programs, installed keystroke loggers and backdoor Trojans before stealing the credit card data of 80,000 U.S. customers. The Romanian hackers “used public filesharing services to transfer credit card data to fraud-minded customers.” They were charged “with conspiracy to commit computer fraud, wire fraud and access device fraud.” Adrian-Tiberiu Oprea was arrested in and extradited from Romania, but that left the Secret Service with figuring out how to nab Iulian Dolan, Cezar Iulian Butu and Florin Radu.

CTOvision reported the Secret Service successfully lured Dolan and Butu into the United States by using one of the oldest tricks in the book, by “using a female agent as a honeypot. In espionage, a honeypot refers to an agent or plan that uses seduction as bait for entrapment, and is one of the oldest and most successful tricks in tradecraft.”

It took social engineering and a woman’s wiles to bring down the 27 year-old Dolan. A female Secret Service agent pretended to be working at a resort and casino. She and Dolan developed a “rapport” before offering Dolan a free flight and a complimentary weekend of casino “fun.” The USSS and the casino had “set up a dedicated line for the female ‘employee’ and gave her an email with the casino’s domain name,” Krebs on Security reported. When Dolan checked it out, even the airline ticket had been purchased by the casino. It seemed legit and Dolan took the bait, hook, line and sinker.

Brian Krebs spoke with Michael Shklar who is the public defender appointed as Dolan’s attorney. “U.S. Secret Service agents tricked his client into voluntarily visiting the United States by posing as representatives from a local resort and casino that was offering him a complimentary weekend getaway.” Shklar added, Dolan “arrived in the U.S. with some clothes, a cheap necklace, a little bit of money, and three very large boxes of grape-flavored Romanian condoms.” He was arrested upon his arrival to Logan International Airport.

The USSS used a different targeted honeypot to catch the 26 year-old Butu. It started by subpoenaing Yahoo!, GoDaddy and other communications providers to study Butu’s emails. Then USSS investigators posed “as an attractive female tourist” who Butu had previously met in France.

Alex Olesker reported, “Despite their in-depth information, the USSS didn’t need to make their story particularly believable for it to work, claiming to be an independently wealthy Hooters waitress working at the restaurant chain for the health insurance and a love of people. That was enough to get him to fly to Boston to meet her, where he was arrested on the spot.” Attorney Shklar told Brian Krebs, Butu “gets off the plane and they nab him and the handcuffs don’t even have fur on them.”

As CTOvision pointed out, a lot can be accomplished using hackers and honeypots. “As the FBI’s veteran cyber cops have noted, that’s how you get things done. Investigating cybercrime is rarely a pure battle of wits between white hat and black hat hackers.” Arresting the Romanian hackers required neither “advanced technical expertise or capable and willing international partners.”

Radu remains at large, but might also fall prey to a social engineer using a sexual undertone. Social engineering is lethal to corporations and individuals as has been proven time and again, such as when security specialist Thomas Ryan created the fictional American cyber threat analyst Robin Sage. By setting up social networking profiles, claiming to be from MIT, and using photos from porn sites, the fake Sage was able to dupe security, military and intelligence people. Ryan compiled his research and then presented “Getting into bed with Robin Sage” [PDF] at BlackHat USA.

Women are thought to be better social engineers than men; it will be put to the test this year with Battle of the SExes. The stakes are different than what the USSS was out to achieve. It’s highly doubtful that either male or female social engineers will dangle nookie as bait at Defcon.

Sursa: Secret Service laced honeypot with seduction to catch hackers | Computerworld Blogs

Link to comment
Share on other sites
Guest Kovalski

Guest Kovalski

Posted
Posted

Exact cum stim majoritatea, oricine poate cadea plasa unui social engineering bine gandit.. absolut oricine.. este necesar doar sa cunosti anumite detalii despre victima (pe care le obtii tot cu SE) dupa care totul este posibil...

eu personal cred ca si eu as fi cazut in plasa.. si oricare din noi..

Link to comment
Share on other sites
Andrei Rookie

Andrei

Posted
Posted
Totu?i, nu mi-a pl?cut c? acel tip a fost extr?dat de România. A gre?it? S?-l judece românii, nu americanii.

Nu ti-a placut? Depune o plangere. Asta inseamna colaborare intre state. Dezavantajul e ca nici un om din SUA nu s-ar cobora la nivelul Romaniei sa faca ilegalitati aici ca sa fie nevoiti americanii sa ni-l trimita. Oricum ar fi, probabilitatea sa ajunga la noi e redusa. :-)

Cand ne vom uita de sus in jos la ei, poate va fi o sansa sa putem negocia. Pana atunci, congrats! :-D

Anyway, un adevarat POC de SE.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...