Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Stolen code, 9-month hacking spree lead to criminal charges

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 16 Nov 2012 02:22:35 -0600 (CST)
http://arstechnica.com/security/2012/11/stolen-code-9-month-hacking-spree-lead-to-criminal-charges/

By Dan Goodin
Ars Technica
Nov 15 2012
Federal officials have accused a Dutch man of hacking into a New Hampshire-based game company, tampering with sensitive user data, and using the stolen source code to start a competing online game.
Anil Kheda, 24, of the Netherlands, began his hacking spree in November 2007 after one of his accounts was deleted from Outwar (an online role-playing game with 75,000 active players), according to documents filed in US District Court in New Hampshire. Prosecutors allege that two months later, he started a competing game called Outcraft using source code obtained from the hacked servers. The game earned Kheda at least $10,000 in profits. Over the next nine months, he allegedly continued the hacks and agreed to stop only if the hacked company—Portsmouth, New Hampshire-based Rampid Interactive—paid him money and provided other benefits.
According to prosecutors, Kheda claimed to have found vulnerabilities in Rampid's network and the Outwar source code that allowed him to gain administrator access to the underlying functions of the game. His ability to repeatedly delete a user database seemed to indicate his claims were at least partially true. The tampering caused Outwar to go down for a total of about two weeks over the nine-month stretch, causing Rampid to incur more than $100,000 in lost revenue, wages, and other costs, according to prosecutors.
"You guys have the following three options," Kheda wrote in a December 2007 e-mail included in the federal indictment. "1. Let me play again on my master account (with everything that was on it), and I will report everything when I come across a vulnerability. 2. Pay me $1500 and you will never hear from me again. 3. Don't reply to this e-mail and you are gonna wish you picked one of the other options." 

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org
Previous By Date Next
Previous By Thread Next

Current thread: