Feeds

'Evil' truckie charged with NBN provider attack

Media falls into NBN security-gasm; did AFP also nab Distribute.IT attacker?

Website security in corporate America

A 25 year old self-taught hacker has been arrested by federal police in Australia over 50 malicious attacks on Platform Networks, a trial service provider for NBN Co.

The unemployed truck driver from regional NSW, known in hacking circles as the notorious ‘Evil’ or ‘Evil from eftel’, was in control of Platform Networks for six weeks, according to police.

Evil allegedly used programs to generate passwords randomly and he used other methods to gain security information to access Platform Network's system.

The Sydney Morning Herald reports that the hacker could have taken down the ISP's entire network.

Federal police Assistant Commissione Neil Gaughan told the Herald that the alleged hacker did not appear to have access to confidential information, but had been mapping the background of the IT system.

‘Evil’ is well known as a serial bragger on chat rooms over attacks which appear to be motivated by malevolent mischief-making rather than commercial gain.

Australian Federal Police have investigated the suspect's antics for some time. In June he was thought to be associated with a vicious and sustained attack, on the Melbourne hosting company Distribute.IT, which subsequently crippled the company.

In the initial stage of the attack, a defacement message bearing Evil's tag appeared on the company's website. however it has yet to be established if he was the culprit . Also in January the University of Sydney’s website was defaced - and posts appeared from Evil on chat rooms bragging that he was the architect of the hack.

Evil is scheduled to face Orange Local Court today on 49 counts of unauthorised access to restricted data and one count of unauthorised modification of data. ®

Bootnote: The association between Evil's target, Platform Networks, and the National Broadband Network, is too delicious for mainstream media to resist. As a result, world+dog is equating the attack on Platform as "hacking the NBN". It's rather like saying that attacking someone who uses Telstra's network has "hacked Telstra".

Update: NBN Co, the company building the National Broadband Network, has been so overwhelmed by the media confusion surrounding the story that it has just released a statement that its network was not affected by the Platform Networks intrusion. "The company said to be involved is not yet offering services over the NBN", it says.

As was pointed out to El Reg by Internode's John Lindsay, who tweets as @bigjsl, NBN Co doesn't have any retailer IT interfaces in operation yet, making any infiltration from a provider to the NBN extremely improbable. ®

Platform Networks response, AFP press conference report here. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.