Bin Laden hack-meister in defacement, financial debacles

SecurityNewsPortal folds, YIHAT fortune evaporates

Shameless German glam-h4x0r Kim Schmitz aka Kimble, who recently stole headlines with his YIHAT (Young Intelligent Hackers Against Terrorism) publicity stunt and his unsubstantiated claims to have hacked a Sudanese bank with /bin/laden accounts, has been fingered in a defacement of SecurityNewsPortal (SNP) which prompted the site's sudden closing. Oh, and the flamboyant Schmitz is broke, too.

First things First

We were quite shocked Wednesday to learn that SNP would close shop after suffering a defacement by someone claiming to be Kimble/YIHAT. The defaced page ridicules SNP's own security and obsesses on the injustice of their raking in cash for security services.

Fine, except that SNP sells nothing; and fine, except that the site is hosted and its owners are therefore not in complete control of its defenses. But other than that, the defacer is a real oracle of security wisdom.

"Hacked by Kimble of YIHAT," the defacer announces. "Hello, world!" he adds, indicating at least a programming-101 comic awareness, and then goes on to denounce SNP in the manner indicated above for several long, dull paragraphs.

This made no sense to us, since calling bullshit on SNP's security would only remind us of how Fluffi(y) Bunni(y) recently humiliated Kimble and his YIHAT leet guardians by defacing his shameless vanity site; so we contacted Kimble and SNP Editor Marquis Grove with our doubts.

Kimble hasn't replied, and we think we can guess why; but Marq told us in no uncertain terms that "the defacement of our Web site was not done by Kimble."

"The defacer hopes that by signing the defacement with Kimble's name and giving all his contact and Web site addresses, Kimble will be put on the flaming end of indignant users," he reckons.

As for the decision to pull the plug on SNP, Marq considers it the ultimate trump. Rather than see his host plagued by k1dd10ts, he's simply removed the target. No target, no phun. Bugger.

A Legend in his own Mind

Who is this Kimble, anyway? He has a Web site devoted to his aggrandizement as an obscenely spoilt fat bastard with money to burn. He even hired a model who'd posed in Playboy to pretend to be attracted to him as he squired a cluster of pals around the Caribbean in a rented yacht he hopes we'll think he owns.

He likes to be photographed in proximity to helicopters and private jets and fast cars and pretty sluts, and he litters his site with enormously too many pictures illustrating this appetite.

He's established a legend of his hacking proficiency based on a little fact interlarded with a lot of juicy bits taken from media accounts and movies, as this article mirrored by attrition makes painfully clear.

He's claimed to organize a leet squad of cyber ninjas called YIHAT who would penetrate the nether-world of on-line terrorism via their gay shell accounts. He's claimed that his YIHAT guard have penetrated the /bin/laden financial lair, but he's offered not one shred of proof.

"I want to see some proof of these hacks," InfoSec News Editor William Knowles says. He issued a challenge to Kimble back on 11 October to cough some of it up.

"I think this hack into the AlShamal Islamic Bank is a complete crock of shit, and I am calling on Kim Schmitz: Show us the proof on this!"

As of today, Knowles hasn't heard word one from YIHAT or its fatboy founder. And we're far from surprised. But Kimble persists in trading on myth:

"YIHAT, founded to acquire and coordinate a team of hackers with the goal of eliminating the electronic foundations of terrorist activities worldwide, has successfully completed the first phase of its mission: The team has reached the projected strength and has gathered a sufficient amount of information to launch the second phase of the YIHAT operation, which is to monitor, infiltrate and take control of the information infrastructure used by or supporting terrorists," the team of IRC kiddies claims, adding, ominously, that "YIHAT moves to the underground."

It really is touching how they ape cDc's deliciously self-mocking humor:

"You have never seen us, but you may have felt our wrath. We operate in the bitter darkness outside the known channels. We slink like cats along the fringes, spreading the power and propaganda of the Cow wherever we are.

"We have mastered, one and all, the power of digital chi; we have been deeply indoctrinated into its devastating offensive capabilities, and we can strike, suddenly and mercilessly, without even moving a finger. Our minds, bodies, and black clad keyboards are under our total control: our every movement, thought, and keypress are choreographed more perfectly than a classical ballet, and all have deadly purpose.

"We are capable of disguising our true purpose to such a degree that it is no longer expressible in words. We have eyebeams. We can strike out with such power as to crumble the sham defenses of any but the most stringent master of cow fu. Our hands contain the power and wisdom of the ancients, our hearts their unblinking vision."

Beautifully written. Only Kimble is trying to sell this hokum as straight news.


Fatboy has an investment fund, too. It isn't registered, of course, because it's a Ponzi scam. You just know he's paying dividends out of the investments of fresh dupes. You can just smell it.

Now it seems he's up to his eyeballs in debts like any free-spending charlatan, and his shares in KimVestor are about to be seized to address them. It also appears that his shares are going to be woefully inadequate to satisfy his creditors, according to German financial news outfit TeleBourse.

Here's what BabelFish makes of it:

"The appointed Internet Kroesus Kim Schmitz, whose Kimvestor AG is worth 200 million euro according to own specification approximately, is before the from. How the anlegermagazin reports the TELEBOERSE in its current output (Thursday), first of the three participation of the Kimvestor AG, the TUEV Dataprotect GmbH, placed an insolvency request. In the passed days one dispatched the Schmitz creditor, so the TELEBOERSE, who had waited some months long in vain for a payment of several hundredthousand Marks, erstrittene before court, to Schmitz a seizing resolution for the shares of the Kimvestor AG held by it. Whether the remaining value of the Kimvestor participation in the mega Car and the Money bank are sufficient for the payment of the Schmitz debts, by Bankern one doubt, is called it in the report."

Here's what I make of it:

Pyramid scam. ®

Related Link

Kimble & YIHAT Morons Threaten Attrition
