Suspected 'Fluffi Bunni' hacker in British custody

[InfoSec News <isn () c4i org>]

Forwarded from: William Knowles <wk () c4i org>

http://www.nandotimes.com/technology/story/872265p-6086707c.html

By TED BRIDIS, Associated Press
 
WASHINGTON (April 29, 2003 7:07 p.m. EDT) - British authorities 
arrested a man Tuesday believed to head a group of hackers known as 
"Fluffi Bunni," which used a stuffed pink rabbit to mark attacks that 
humiliated some of the world's premier computer security 
organizations. 

Fluffi Bunni captured the attention of the FBI just days after the 
Sept. 11 terror attacks, when thousands of commercial Web sites were 
vandalized with a single break-in that included the message, "Fluffi 
Bunni Goes Jihad." 

The FBI characterized the act in a November 2001 report as an 
anti-American cyberprotest against the war on terrorism. 

Lynn Htun, 24, was arrested by Scotland Yard detectives on outstanding 
forgery charges while attending a prominent trade show in London for 
computer security professionals, InfoSecurity Europe 2003, authorities 
said. 

British authorities did not mention Htun's alleged hacking. A U.S. 
official, speaking on condition of anonymity, said Htun is wanted in 
America in connection with a series of high-profile hacking cases 
blamed on Fluffi Bunni. Investigators believe Htun was the group's 
leader and referred to himself as Fluffi Bunni, the official said. 

Authorities in London indicated they would release more information 
Wednesday about Htun's arrest, although the continuing investigation 
into Fluffi Bunni hackers was sensitive and other arrests could be 
possible. 

Fluffi Bunni embarrassed leading Internet security organizations by 
breaking into their own computers and replacing Web pages with the 
message "Fluffi Bunni ownz you" and a digital photograph of a pink 
rabbit at a keyboard. The attacks, which began in June 2000, lasted 
about 18 months, then stopped mysteriously and created one of the 
Internet's most significant hacker whodunits in years. 

"I thought he'd never be caught," said Jay Dyson, a consultant who 
formerly helped run one of the victim Web sites. "He was clever and 
had the patience of a saint. The targets he chose were ones that were 
really high profile, and ones you'd think would be above reproach when 
it comes to issues of security." 

Victims have included the Washington-based SANS Institute, which 
offers security training for technology professionals; Security Focus, 
now owned by Symantec Corp.; and Attrition.org, a site run by experts 
who formerly tracked computer break-ins. Other victims included 
McDonald's Corp. and the online security department for Exodus 
Communications Inc., now part of London-based Cable & Wireless plc. 

"The guy was playing a game of 'gotcha.' He wanted to prove that even 
firms that specialize in security can be hacked," said Mark Rasch, 
chief security counsel for Solutionary Inc. and a former Justice 
Department cybercrime prosecutor. "It's like someone who robs banks to 
prove that banks can be robbed." 

Brian Martin, who ran the Attrition site with Dyson and others, said 
Fluffi Bunni quickly generated a fearsome reputation across the 
underground because of the group's choice of targets. Martin 
determined that a hacker broke into another user's computer, allowing 
him to assume that person's digital identity and briefly take over the 
Attrition site with a Fluffi Bunni message. 

"He would break into companies that are there to secure you," said 
Martin, who never reported the crime to the FBI. "It's a challenge, 
and there's some irony behind it." 

Targets frequently were attacked indirectly. Instead of trying to 
break into the heavily protected Security Focus Web site, someone 
hacked an outside computer that displayed advertisements on the site. 
The ads were replaced with taunting messages and images of the pink 
rabbit at the keyboard. 



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.