[ISN] Remote access software aided hacker, CEO says

From: InfoSec News (alerts@private)
Date: Tue Jul 24 2007 - 22:30:02 PDT


http://www.ajc.com/metro/content/metro/gwinnett/stories/2007/07/23/computer_0724.html

By GEORGE CHIDI
The Atlanta Journal-Constitution
Published on: 07/24/07

A Buford executive has told police that a computer hacker tried to get 
into his company computer by using a popular remote-access application.

Andy Jensen, president and CEO of Buford Finance Company Inc., said he 
was in his office July 12 when he saw something unusual on his computer 
screen.

"The mouse started going to town like it knew just what it was doing," 
Jensen said.

For a few moments, the 50-year-old businessman watched in stunned 
silence.

"I'm just telling you, I was so amazed."

Somehow, he said, an application that let him access his computer from a 
remote location — called GoToMyPC — activated seemingly on its own.

When it did, he shut the computer off. For good measure, he unplugged 
it. And then, Jensen said, he and his information technology staff 
freaked out.

Gwinnett County police are investigating the incident as an act of 
computer trespassing.

The computer contains sensitive information for hundreds of clients 
carrying millions of dollars in loans, Jensen said, but the hacker 
probably failed to get at Jensen's files because the contact was so 
brief.

"I feel totally violated," he said. "If I hadn't have been here, they 
could have gone to town."

The company that produces GoToMyPC, Citrix Systems Inc. of Santa 
Barbara, Calif., said similar cases have arisen after the computer user 
shared his or her password with someone.

"Bar none, every single one of them was, 'Oh right, I shared my password 
with so-and-so,' " said John Kennedy, chief security architect for 
Citrix Online.

Some people use the same password for multiple Web sites and 
applications, allowing a single password breach to open up every locked 
program, he said.

"You want to use a complex password that you don't use on other sites. 
Write the password down and keep it in your wallet," he said.

A security expert from Georgia Tech warned computer users to beware of 
remote programs that can record the keystrokes of a password as it is 
typed and secretly transmit the information to a hacker. He suggested 
that computer users install anti-virus software and download updates as 
they become available.

"Typically, we have defenses for things we know, but we keep finding new 
ones all the time," said Mustaque Ahamad, director of the Georgia Tech 
information security center. "You have to make sure you turn off access 
where you don't want access."

© 2007 The Atlanta Journal-Constitution



_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Tue Jul 24 2007 - 22:47:24 PDT