11:55 As I fished Hackers 2 | |
Continued from here. Going to a server, I saw an open page of the bank in your browser, several pre-compiled versions of the popular virus, apache logs, who was monitoring the attack and open a terminal session on a server with a Turkish IP with an invitation to enter your login and password. On Apache logs, it was clear that the Turkish server is one of the "head" worm, ie, the focal point of attack. We had to somehow give the command to stop the attack, otherwise, "cutting off" his head, we have not been able to stop DDOS. Realizing that I was so quite beyond his powers, I have archived all the files I'm interested in the server, sent on your e-mail, took a few screenshots and said Sergei Ivanovich, that he returned the hacker access to the server. Later, as Sergey Ivanovitch promised, he gave me an ICQ number and cell phone hacker. Hacker was named Alexander. Sergei Ivanovich told that Alexander works as a programmer with a foreign customer. Customer rented this and several other servers on their hosting service for their needs. Later, Sergei also asked the customer informed of whether he thought that Alexander uses the server for DDOS attacks. At the same time the hacker was fired. He was furious, and not trying to either hide or cover their tracks, or deny what he was accused. He was convinced of their impunity. At the time, as networkers Department of Communications together with the employees who came immediately CISCO, installed the security module from DDOS (still tens of thousands of simultaneous open connections, giving a strong burden on the firewall), I tried to find out who this Alexander, and I was not mistaken in his accusations. Fold the internet image of the ICQ number was not difficult: this ICQ belonged to some person by nick Flick from Odessa, who have successfully found work in Kiev and moved there with his wife. Things were going well for them, and he even at one of the forums advice about buying a car. Also among his positions were more associated with the discussion of the organization of botnets and offer their services. This information confirmed the correctness of my thoughts, and I decided to contact the hacker on ICQ. Hello Alexander, I'm at the department of information technology bank <% bank_name%> hello I ask you a question directly - I need access to the server, which is the "head" worm a worm? Alexander, I offer you a deal - you're telling me username and password to the server with the IP XX.XXX.XXX.XXX, or disable themselves DDOS attack, and my actions on this dialogue will not go. Or do you continue to resist, and I give all the information about you to the security service bank, and further conversation will already carry them. And if you can not prove who I will compensate moral damage? Alexander, we are cooperating or not? I have no idea what you say Within hours after this dialogue, the Turkish server stopped pinging. "His head was cut off. Remains the only - to transmit all information in the security services of the bank, which I did. Security Service filed a statement to the police and after a while I got a call from the Department for Fighting Economic Crimes and asked to come for a consultation. Previously, one of the headmistress bank security service, gave me some tips on how to behave when talking to the Economic Crimes and reported that it is young, a great specialist, the guy in a good way hooked on this matter. But she also said that we must understand that for him the highest priority right now is concerned about the organization of child pornography on the Internet, which he leads, and frankly admitted that, as the damage caused to the bank from the attack, it is difficult to estimate, we did not a lot of chances for a successful outcome. But as they say, our job - to crow, but it gets light - no daylight ... This actually was the end. Whether as a result of referral to the police, or a conversation in ICQ, but the attack the next day and ended the story ended. After consultations Economic Crimes within the next year, I am so no one reported the results of the case, but from time to time that went out in an online short number ICQ was clear that all the hacker did not go unpunished. Or to punish? Job loss and nervous feelings, which I think he had in abundance. The end UPD: think in comments came the same hacker, I will not say exactly, but Nick is like, and comments tricky. I will write exactly when studying it | |
|
Total comments: 0 | |