[ISN] Secret Service probes school hackings

From: InfoSec News (isnat_private)
Date: Fri Jun 21 2002 - 02:47:46 PDT

  • Next message: InfoSec News: "[ISN] Judge takes byte out of local hackers"

    By Robert Lemos 
    Staff Writer, CNET News.com
    June 20, 2002, 6:50 PM PT
    Students at universities in four states may have been monitored by
    "spyware" placed on computers by online criminals to capture passwords
    and credit card numbers, a public safety officer at one of the schools
    involved, said Thursday.
    A month ago, agents with the U.S. Secret Service notified Arizona
    State University officials that some of their computers may have been
    compromised, said Lt. John Sutton of the university's Department of
    Public Safety. The Secret Service seized almost 20 hard drives from
    computers at the university and are currently analyzing them for clues
    as part of the investigation, he said.
    "We are looking to see if some type of software was installed on them
    that would allows someone from the keyboard or from a remote location
    to identify keystrokes and grab personal information," he said.
    The investigation has encompassed compromised computers at
    universities in Arizona, Texas, Florida and California, Sutton said.  
    It's believed that many of the computers had the software loaded onto
    the system by someone sitting at the keyboard, he added.
    Agents of the U.S. Secret Service's San Francisco bureau would not
    immediately comment on the investigation.
    Most of the computers being examined at ASU were located in student
    computer labs, Sutton said. The users of the PCs are usually limited
    to students, but the rule is not enforced. "It is supposed to be used
    for students only, and like any other loosely secured area, it is
    possible that someone could come in and use it who is not a student,"  
    he said.
    It's been known that university systems have long been a haven for
    hackers and online vandals. Compromised university systems contributed
    to the denial-of-service attacks that struck at well-known e-commerce
    sites more than two years ago.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 05:05:43 PDT