Feeds

Bin Laden hack-meister in defacement, financial debacles

SecurityNewsPortal folds, YIHAT fortune evaporates

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Shameless German glam-h4x0r Kim Schmitz aka Kimble, who recently stole headlines with his YIHAT (Young Intelligent Hackers Against Terrorism) publicity stunt and his unsubstantiated claims to have hacked a Sudanese bank with /bin/laden accounts, has been fingered in a defacement of SecurityNewsPortal (SNP) which prompted the site's sudden closing. Oh, and the flamboyant Schmitz is broke, too.

First things First

We were quite shocked Wednesday to learn that SNP would close shop after suffering a defacement by someone claiming to be Kimble/YIHAT. The defaced page ridicules SNP's own security and obsesses on the injustice of their raking in cash for security services.

Fine, except that SNP sells nothing; and fine, except that the site is hosted and its owners are therefore not in complete control of its defenses. But other than that, the defacer is a real oracle of security wisdom.

"Hacked by Kimble of YIHAT," the defacer announces. "Hello, world!" he adds, indicating at least a programming-101 comic awareness, and then goes on to denounce SNP in the manner indicated above for several long, dull paragraphs.

This made no sense to us, since calling bullshit on SNP's security would only remind us of how Fluffi(y) Bunni(y) recently humiliated Kimble and his YIHAT leet guardians by defacing his shameless vanity site; so we contacted Kimble and SNP Editor Marquis Grove with our doubts.

Kimble hasn't replied, and we think we can guess why; but Marq told us in no uncertain terms that "the defacement of our Web site was not done by Kimble."

"The defacer hopes that by signing the defacement with Kimble's name and giving all his contact and Web site addresses, Kimble will be put on the flaming end of indignant users," he reckons.

As for the decision to pull the plug on SNP, Marq considers it the ultimate trump. Rather than see his host plagued by k1dd10ts, he's simply removed the target. No target, no phun. Bugger.

A Legend in his own Mind

Who is this Kimble, anyway? He has a Web site devoted to his aggrandizement as an obscenely spoilt fat bastard with money to burn. He even hired a model who'd posed in Playboy to pretend to be attracted to him as he squired a cluster of pals around the Caribbean in a rented yacht he hopes we'll think he owns.

He likes to be photographed in proximity to helicopters and private jets and fast cars and pretty sluts, and he litters his site with enormously too many pictures illustrating this appetite.

He's established a legend of his hacking proficiency based on a little fact interlarded with a lot of juicy bits taken from media accounts and movies, as this article mirrored by attrition makes painfully clear.

He's claimed to organize a leet squad of cyber ninjas called YIHAT who would penetrate the nether-world of on-line terrorism via their gay shell accounts. He's claimed that his YIHAT guard have penetrated the /bin/laden financial lair, but he's offered not one shred of proof.

"I want to see some proof of these hacks," InfoSec News Editor William Knowles says. He issued a challenge to Kimble back on 11 October to cough some of it up.

"I think this hack into the AlShamal Islamic Bank is a complete crock of shit, and I am calling on Kim Schmitz: Show us the proof on this!"

As of today, Knowles hasn't heard word one from YIHAT or its fatboy founder. And we're far from surprised. But Kimble persists in trading on myth:

"YIHAT, founded to acquire and coordinate a team of hackers with the goal of eliminating the electronic foundations of terrorist activities worldwide, has successfully completed the first phase of its mission: The team has reached the projected strength and has gathered a sufficient amount of information to launch the second phase of the YIHAT operation, which is to monitor, infiltrate and take control of the information infrastructure used by or supporting terrorists," the team of IRC kiddies claims, adding, ominously, that "YIHAT moves to the underground."

It really is touching how they ape cDc's deliciously self-mocking humor:

"You have never seen us, but you may have felt our wrath. We operate in the bitter darkness outside the known channels. We slink like cats along the fringes, spreading the power and propaganda of the Cow wherever we are.

"We have mastered, one and all, the power of digital chi; we have been deeply indoctrinated into its devastating offensive capabilities, and we can strike, suddenly and mercilessly, without even moving a finger. Our minds, bodies, and black clad keyboards are under our total control: our every movement, thought, and keypress are choreographed more perfectly than a classical ballet, and all have deadly purpose.

"We are capable of disguising our true purpose to such a degree that it is no longer expressible in words. We have eyebeams. We can strike out with such power as to crumble the sham defenses of any but the most stringent master of cow fu. Our hands contain the power and wisdom of the ancients, our hearts their unblinking vision."

Beautifully written. Only Kimble is trying to sell this hokum as straight news.

KimVestor

Fatboy has an investment fund, too. It isn't registered, of course, because it's a Ponzi scam. You just know he's paying dividends out of the investments of fresh dupes. You can just smell it.

Now it seems he's up to his eyeballs in debts like any free-spending charlatan, and his shares in KimVestor are about to be seized to address them. It also appears that his shares are going to be woefully inadequate to satisfy his creditors, according to German financial news outfit TeleBourse.

Here's what BabelFish makes of it:

"The appointed Internet Kroesus Kim Schmitz, whose Kimvestor AG is worth 200 million euro according to own specification approximately, is before the from. How the anlegermagazin reports the TELEBOERSE in its current output (Thursday), first of the three participation of the Kimvestor AG, the TUEV Dataprotect GmbH, placed an insolvency request. In the passed days one dispatched the Schmitz creditor, so the TELEBOERSE, who had waited some months long in vain for a payment of several hundredthousand Marks, erstrittene before court, to Schmitz a seizing resolution for the shares of the Kimvestor AG held by it. Whether the remaining value of the Kimvestor participation in the mega Car and the Money bank are sufficient for the payment of the Schmitz debts, by Bankern one doubt, is called it in the report."

Here's what I make of it:

Pyramid scam. ®

Related Link

Kimble & YIHAT Morons Threaten Attrition

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.