[Back on September 28th, I said that I wasn't going to post anymore crap from Kim Schmitz to InfoSec News, but it appears that his public relations machine is in full swing and unsubstantiated news stories are still being written. I think this hack into the AlShamal Islamic Bank is a complete crock of sh*t, and I am calling on Kim Schmitz on this one, Show us the proof on this! Here's why I think this is a crock... Its all too easy to say that you and your merry band of hackers compromised the security of a Checkpoint FireWall-1, Checkpoint doesn't belive the hack happened in the first place and probably would love to hear how it was done, if it was done. YIHAT hackers have allegedly given information only to the FBI, The FBI will not comment on an ongoing investigation, and the NIPC also points out that this kind of activity "is illegal and punishable as a felony, with penalties extending to five years in prison." When an agency can't comment on an investigation, one can say just about anything they want, (Kimble might as well say that he knows where D.B. Cooper is and that he's a silent investor in one of his many venture capital projects.) as it stands now, the FBI is investigating over 50,000 seperate tips, not to mention chem/bio scares and people somehow still busting into jet cockpits. Kim Schmitz says this has nothing to do with PR. Yet the YIHAT webpage has the press registration link just above the signup for new YIHAT membership. Schmitz whose personal net worth is allegedly more than $100 million, and is offering a reward of $10 million is also actively solicting the funding of YIHAT off the kill.net website. This has me wondering if Mr. Schmitz is either unwilling or unable to front his own projects or pay for any future rewards on information. Not knowing what information YIHAT hackers have gained from the Al Shamal Islamic Bank and then given to the FBI, I have to wonder if its the same information now posted at: http://www.shamalbank.com/Statment.htm (Fwd) It is obvious from above statement that Osama Bin Laden was never a founder or a shareholder of Al Shamal Islamic Bank. His only relation with the bank was through Al Higra Construction & Development Co. Ltd. ( a local company incorporated in Sudan on 24.3.1992 ) and Wadi El Agig Co. ( A Saudi co. Registered in Saudi Arabia ) Wadi El Ageg is holding minority share in Al Higra was represented by Bin Laden . Al Higra Construction & Development Co.Ltd opened two accounts on 30.03.1992 and since 1997 both accounts were inoperative and closed. Wadi Al Ageg opened a US Dollar Account in 1993 and since 1995 the account is inactive and closed. (End) So what? I want to see some proof of these hacks! With some of the best IT and print journalists subscribed to ISN, not to mention top information security professionals along with Local, State and Federal law enforcement officers, I'm sure that someone here can verify that this these hacks and information are true and not a figment of a healthy imagination and a well paid public relations company. While operational information wouldn't have to be printed, just a consentaneous that this is real and that you haven't been pulling everyones leg on this. Say within the next 24 hours? -=- William Knowles - 10.11.2001] -=- http://www.nandotimes.com/technology/story/128776p-1350605c.html By ROB LEVER, Agence France-Presse WASHINGTON (October 10, 2001 3:02 p.m. EDT) - Hackers are waging a cyberwar against Osama bin Laden and his allies, despite warnings from government and security experts that this activity could be counterproductive. The latest effort came this week when Kim Schmitz, a German hacker-turned security consultant, launched a website to recruit hackers to track down funds and other evidence linking bin Laden to the September 11 terrorist attacks. Since launching his group -- Young Intelligent Hackers Against Terror (YIHAT) -- Schmitz says 34 people from 10 countries, as well as three Arabic language translators, have joined the effort. He claims these hackers have tracked down bin Laden's bank accounts at a bank in Sudan. Schmitz, who was convicted of hacking into NASA and Pentagon computers in the 1990s, has offered a 10 million dollar reward for information leading to the arrest and conviction of the exiled Saudi who is the prime suspect of US officials. "I am offering my creativity, name and money to fight terror," Schmitz says on his website. "I think the free world must unite NOW. We can only beat terrorism if everybody, everywhere is fighting against it ... In a few years terrorists will have nuclear and biological weapons and they won't kill 5,000 but 5 million people with one strike." Schmitz's efforts come in the wake of an organized effort by a US-based hacker group known as "the Dispatchers," which launched a campaign against sites deemed to be linked to bin Laden and the Taliban regime in Afghanistan. The Dispatchers claim to have shut down the website of the presidential palace of Afghanistan, as well as some Iranian and Palestinian sites. "We are a group of computer security enthusiasts, who are outraged at the acts of terrorism and such which are taking place in this day in age," the group said in a message replacing the official websites. "It is our cause to fight back in every way which we can ... Our current targets are those of nations who support terrorism and groups of terrorism." But the group also hit -- possibly by mistake -- a site operated by the financial services group Aon, which had the word "terrorism" in its Internet address. Aon was among the firms located in the World Trade Center. US officials and security experts frown on what they describe as "vigilante hackers," saying it will do little to help and may harm the cause. "Their motives may be possibly just, but their actions may be causing damage and it may have other implications for people's privacy," said David Endler, an analyst at the Virginia security firm iDefense. Endler said it is impossible to control the activities of a broad array of hackers -- ranging from adventurous to malicious -- and that some may violate laws or ethics and obtain or modify confidential data. He noted that YIHAT hackers "did break into a Sudanese bank and get some account information on bin Laden and supposedly gave that information to the FBI, but it's not clear what kind damage was done to that bank." The FBI's National Infrastructure Protection Center echoed that sentiment with a statement pointing out that such conduct "is illegal and punishable as a felony, with penalties extending to five years in prison." "Those individuals who believe they are doing a service to this nation by engaging in acts of vigilantism should know that they are actually doing a disservice to the country," the agency said. Indeed, some hacker groups, notably the German-based Chaos Computer Club, is eschewing the effort to hack the sites of enemies, saying, "Given the tense situation, we should not cut off means of communication and open up an even bigger gulf in understanding between peoples." But Schmitz said his goal is to assist law enforcement and urges YIHAT members to follow ethical guidelines. "We are generating leads for the FBI," he told AFP by e-mail. "Our goal is to work with the authorities and not against them. Our mission is to find terror money. Those who join YIHAT respect our rules, cracking (damaging data) is strictly prohibited just like defacing websites." - ISN is currently hosted by Attrition.org To unsubscribe email firstname.lastname@example.org with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 06:48:38 PDT