[ISN] Suspected 'Fluffi Bunni' hacker in British custody

From: InfoSec News (isnat_private)
Date: Tue Apr 29 2003 - 23:09:44 PDT

  • Next message: InfoSec News: "[ISN] Licensed to War Drive in N.H."

    Forwarded from: William Knowles <wkat_private>
    
    http://www.nandotimes.com/technology/story/872265p-6086707c.html
    
    By TED BRIDIS, Associated Press
     
    WASHINGTON (April 29, 2003 7:07 p.m. EDT) - British authorities 
    arrested a man Tuesday believed to head a group of hackers known as 
    "Fluffi Bunni," which used a stuffed pink rabbit to mark attacks that 
    humiliated some of the world's premier computer security 
    organizations. 
    
    Fluffi Bunni captured the attention of the FBI just days after the 
    Sept. 11 terror attacks, when thousands of commercial Web sites were 
    vandalized with a single break-in that included the message, "Fluffi 
    Bunni Goes Jihad." 
    
    The FBI characterized the act in a November 2001 report as an 
    anti-American cyberprotest against the war on terrorism. 
    
    Lynn Htun, 24, was arrested by Scotland Yard detectives on outstanding 
    forgery charges while attending a prominent trade show in London for 
    computer security professionals, InfoSecurity Europe 2003, authorities 
    said. 
    
    British authorities did not mention Htun's alleged hacking. A U.S. 
    official, speaking on condition of anonymity, said Htun is wanted in 
    America in connection with a series of high-profile hacking cases 
    blamed on Fluffi Bunni. Investigators believe Htun was the group's 
    leader and referred to himself as Fluffi Bunni, the official said. 
    
    Authorities in London indicated they would release more information 
    Wednesday about Htun's arrest, although the continuing investigation 
    into Fluffi Bunni hackers was sensitive and other arrests could be 
    possible. 
    
    Fluffi Bunni embarrassed leading Internet security organizations by 
    breaking into their own computers and replacing Web pages with the 
    message "Fluffi Bunni ownz you" and a digital photograph of a pink 
    rabbit at a keyboard. The attacks, which began in June 2000, lasted 
    about 18 months, then stopped mysteriously and created one of the 
    Internet's most significant hacker whodunits in years. 
    
    "I thought he'd never be caught," said Jay Dyson, a consultant who 
    formerly helped run one of the victim Web sites. "He was clever and 
    had the patience of a saint. The targets he chose were ones that were 
    really high profile, and ones you'd think would be above reproach when 
    it comes to issues of security." 
    
    Victims have included the Washington-based SANS Institute, which 
    offers security training for technology professionals; Security Focus, 
    now owned by Symantec Corp.; and Attrition.org, a site run by experts 
    who formerly tracked computer break-ins. Other victims included 
    McDonald's Corp. and the online security department for Exodus 
    Communications Inc., now part of London-based Cable & Wireless plc. 
    
    "The guy was playing a game of 'gotcha.' He wanted to prove that even 
    firms that specialize in security can be hacked," said Mark Rasch, 
    chief security counsel for Solutionary Inc. and a former Justice 
    Department cybercrime prosecutor. "It's like someone who robs banks to 
    prove that banks can be robbed." 
    
    Brian Martin, who ran the Attrition site with Dyson and others, said 
    Fluffi Bunni quickly generated a fearsome reputation across the 
    underground because of the group's choice of targets. Martin 
    determined that a hacker broke into another user's computer, allowing 
    him to assume that person's digital identity and briefly take over the 
    Attrition site with a Fluffi Bunni message. 
    
    "He would break into companies that are there to secure you," said 
    Martin, who never reported the crime to the FBI. "It's a challenge, 
    and there's some irony behind it." 
    
    Targets frequently were attacked indirectly. Instead of trying to 
    break into the heavily protected Security Focus Web site, someone 
    hacked an outside computer that displayed advertisements on the site. 
    The ads were replaced with taunting messages and images of the pink 
    rabbit at the keyboard. 
    
    
    
    *==============================================================*
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    ================================================================
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    *==============================================================*
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Apr 30 2003 - 01:18:15 PDT