[ISN] Police swoop on 'hacker of the year'

From: InfoSec News (alerts@private)
Date: Wed Nov 14 2007 - 23:06:46 PST


http://www.smh.com.au/news/security/police-swoop-on-hacker-of-the-year/2007/11/15/1194766821481.html

By Asher Moses
The Sydney Morning Herald
November 15, 2007

The Swedish hacker who perpetrated the so-called hack of the year has 
been arrested in a dramatic raid on his apartment, during which he was 
taken in for questioning and several of his computers confiscated.

Dan Egerstad, a security consultant, intercepted data carried over a 
global communications network used by embassies around the world in 
August and gained access to 1000 sensitive email accounts. They 
contained confidential diplomatic memos and other sensitive government 
emails.

Details of the hack were reported on this site on Tuesday [1].

After informing the governments involved of their security failings and 
receiving no response, Egerstad published 100 of the email accounts, 
including login details and passwords, on his website for anyone curious 
enough to have a look. The site, derangedsecurity.com, has since been 
taken offline.

The hack required little more than tools freely available on the 
internet, and Egerstad maintains he broke no laws. In fact, he is 
confident the email accounts he gained access to were already 
compromised by other hackers, so his efforts in fact prevented them from 
continuing their spying.

Egerstad was soon back to his regular routine but, on Monday morning, 
his apartment, located 650 kilometres from Stockholm, was raided by four 
agents from Swedish National Crime (which Egerstad calls "our FBI") and 
Swedish Security Police ("our CIA").

About 9am Egerstad walked downstairs to move his car when he was 
accosted by the officers in a scene "taken out of a bad movie", he said 
in an email interview.

"I got a couple of police IDs in my face while told that they are taking 
me in for questioning," he said.

But not before the agents, who had staked out his house in undercover 
blue and grey Saabs ("something that screams cop to every person in 
Sweden from miles away"), searched his apartment and confiscated 
computers, CDs and portable hard drives.

"They broke my wardrobe, short cutted my electricity, pulled out my 
speakers, phone and other cables having nothing to do with this and been 
touching my bookkeeping, which they have no right to do," he said.

While questioning Egerstad at the station, the police "played every 
trick in the book, good cop, bad cop and crazy mysterious guy in the 
corner not wanting to tell his name and just staring at me".

"Well, if they want to try to manipulate, I can play that game too. [I] 
gave every known body signal there is telling of lies ... covered my 
mouth, scratched my elbow, looked away and so on."

Egerstad said the police also accused him of theft because he had eight 
PlayStation 2 consoles in his apartment. He said he owns a company that 
"handles consoles".

Egerstad was released and no charges have been laid against him, but the 
police are in the process of investigating the matter and nothing has 
been ruled out.

Linus Larsson, a reporter for Computer Sweden magazine whom Egerstad 
called after the ordeal, said in a phone interview he had confirmed with 
Swedish police that the raid took place.

"We don't know exactly what they [police] are doing now but they took 
his hard drives and his computers, and according to him the 
interrogation went on for about 2 hours and he was then released but he 
did not get his equipment back," Larsson said.

Egerstad said his lawyer was looking into whether the Swedish police had 
broken the law by making several "unnecessary actions".

"They aren't giving me any information on who filed the report but said 
that they have been exchanging information with other countries."

He said he hadn't heard anything from police since the raid but he did 
not expect to receive the seized equipment back for months, even years.

"[I'm] losing money and trust in my company and even if i'm never 
charged I will not get any compensation it looks like."

The raid occurred around the same time a feature article on Egerstad's 
hack appeared in the Next IT section in The Age and The Sydney Morning 
Herald, but it is unlikely the story sparked the raid.

Patrick Gray, who wrote the article, has published a detailed audio 
interview with Egerstad, which took place before the raid, on his 
website ( http://itradio.com.au/security/ ).

[1] http://www.smh.com.au/news/security/the-hack-of-the-year/2007/11/12/1194766589522.html


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/



This archive was generated by hypermail 2.1.3 : Wed Nov 14 2007 - 23:25:41 PST