[ISN] Computer hacking trial opens

From: InfoSec News (isnat_private)
Date: Tue Jul 03 2001 - 01:03:19 PDT

  • Next message: InfoSec News: "[ISN] Security stocks dip on earnings warning"

    technology writer 
    A seemingly innocent "Potato" computer game is at the centre of an
    internet hacking case that finally went to trial yesterday, after
    nearly three years of sporadic proceedings.
    Andrew Garrett is accused of using internet passwords, obtained from
    customers of Telecom's internet service provider Xtra, to gain free
    internet access. The Auckland man faces 10 charges of fraud, forgery,
    wilful damage and threatening to damage property.
    Opening the Crown's case, prosecutor Helen Gilbert said Garrett used a
    simple computer game sent as an e-mail attachment to mask a "Back
    Orifice" Trojan program, which infected the computers of Xtra account
    holders when they opened the e-mail.
    "[For] anyone who opened the e-mail to play the game, Back Orifice
    server installed itself on to their computer. On the face of it, it
    looked like something you might like to have a play with," she said.
    The Crown says the Trojan program allowed Garrett not only to access
    internet passwords but to crash users' computers at will and view
    everything on their screens.
    Jurors were presented with a mass of evidence, compiled when the
    police seized Garrett's computer in 1998 and including a series of
    computer logs that, the Crown claims, reveal he had access to other
    A characteristic of the virus allegedly used by Garrett also allowed
    him to send messages to the account holders whose computers he had
    hijacked, the Crown claimed.
    That lies at the root of the charge of threatening to damage property.
    "I recommend you find another ISP. If you don't, I will format your
    hard drive and don't think I can't," a message received by one Xtra
    account holder read.
    Last June, the prosecution was aborted when two justices of the peace
    revealed they were Telecom shareholders and their involvement amounted
    to a conflict of interest.
    At the root of Garrett's actions, claims the Crown, was his
    dissatisfaction with Telecom's decision to cut off his phone lines in
    1997, effectively closing the internet business he was running called
    The Hive.
    "The fact that he had a dispute with Telecom did not give him the
    right to take people's passwords," said Ms Gilbert.
    She pointed out that Garrett did not have to gain financially to face
    fraud charges.
    The issue first came to light in November 1998, when Garrett sent the
    Herald 200 passwords - proof, he said, that Telecom's internet network
    was insecure.
    Giving evidence yesterday was John Thackray, former manager of the
    police electronic crimes unit, who experimented with a cloned copy of
    Garrett's computer hard drive to successfully recreate the virus
    Cross-examining Mr Thackray, defence lawyer Michael Levett pointed to
    the fact that the Back Orifice "zip" file found on Garrett's computer
    was compressed, and there was no evidence that it had been "unzipped,"
    a necessary action for the file to be used maliciously.
    The case continues today, when for the first time in a New Zealand
    trial, police experts will carry out a simulated hack to recreate how
    Garrett could have gained remote access to other computers.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 01:11:51 PDT