Hackers "Pwned" at DefCon

Two speakers proved that they hacked into the attendees' computers


Participants at the DefCon hacking conference, focusing on the latest methods of taking over end users' computers and corporate machines, found out that they had been subjects to a hijack themselves. According to an AFP report, the attendees at the conference were startled by the statements of Tony Kapela and Alex Pilosov, two "lecturers" at the conference, who said that they had silently intercepted data belonging to their colleagues.
Hackers at DefCon learned that their computers had also been hijacked
Enlarge picture

The method used by the two consisted in the exploitation of the paths on which data traveled along the network. Routing can be manipulated in such ways that owners of the affected computers can't tell that their online traffic is being tracked or that they receive other information than what they were waiting for. Instead of trying to break passwords or other security systems, hijackers who choose to use this type of approach only have to "convince" websites that the numbers corresponding to their computer defines the best path for these sites to deliver their data through.

The data traffic across the network is automatic, so websites choose, without verifying, the best path according to the numerical Internet address of the routes. The longer the address is, the higher the chances to be chosen. The hackers' job consists of adding some characters to the array to ensure that their computers are chosen as intermediaries between websites and other users. "Someone can passively intercept traffic," Kapela said. "We can store, drop, filter, mutilate, grope, or modify data heading to you."

And, in fact, this happened during DefCon, when some of the colleagues of the two hackers learned that their computers were not as safe as they thought. The two disclosed some email and search information intercepted while using the aforementioned method. In hackers' slang, some of the attendees, although also well-established hijackers, had been "pwned" by the two, meaning they were completely subdued to the actions of Kapela and Pilosov.

[Source: softpedia]

0 comments