Ashley Madison hackers leave footprints that may help investigators
http://arstechnica.com/security/2015/08/ashley-madison-hackers-leave-footprints-that-may-help-investigators/

The people who leaked more than 200,000 e-mails from the Ashley Madison dating service for cheaters left behind footprints that will almost certainly be of interest to police and company officials.
The BitTorrent file containing e-mail for Noel Biderman, the CEO of Ashley Madison parent company Avid Life Media, was originally uploaded by someone using a server operated by Ecatel Ltd., a web host headquartered in the Netherlands. A Web interface for administering the BitTorrent server was left exposed to the Internet without a password, making it possible for outsiders to access. A few hours after the BitTorrent went live, the server went dark after an outsider accessed the wide-open interface and began making changes to the server configuration. The above screenshot, published by a Twitter user calling himself Mr. Green, is just one example of such an outside access.
"Somehow, the person(s) setting up the original uploading (=seeding) of the file forgot to password protect the Web interface, or turn the feature off," Per Thorsheim, an independent security researcher in Bergen, Norway, told Ars. "I suspect [the hackers] used the Web interface to administer the various uploads of the leaks using BitTorrent."
The box seeding the torrent was located at 94.102.63.121. Police and private investigators working feverishly to identify the people who hacked Ashley Madison and published user profiles, transactions, credit-card data, and a wide range of other sensitive data will almost certainly try to perform a forensic analysis of the physical server. They are also sure to check how the server was accessed. If the hackers didn't use Tor or a similar anonymity service, the investigators may be able to collect clues from the IP address used to log in to the box.
Glassunion
(10,201 posts)
However I struggle to have any sympathy for the owners and customers of the websites.
Frank Cannon
(7,570 posts)
A "burner" debit card and your boss' email address, and you could get back at that bastard for not giving you a bonus this year.
Glassunion
(10,201 posts)
You'd have to know they were going to be hacked beforehand. Unlikely.
Frank Cannon
(7,570 posts)
Imagine him getting e-mails from Brazzers sent to his work ten times a day.
Glassunion
(10,201 posts)
But to go through the trouble of signing him up for a discreet website and providing payment for it... Sort of far-fetched.
Blue_Tires
(55,445 posts)
their sexual mores on the rest of us, where does it end??
Psephos
(8,032 posts)
Glassunion
(10,201 posts)
In the particular instance I have a hard time digging up empathy for the victims.
But, that does not mean that I don't want the thieves prosecuted.
Travis_0004
(5,417 posts)
I get they have to investigate, but I would be amazed if that IP address helps them in any way. I can't imagine an experienced hacker being so careless.
Fawke Em
(11,366 posts)
I think the feds just want the average American to think they have a handle on cyber crime, but they really don't.
Oilwellian
(12,647 posts)
What hacker doesn't use Tor?
Sheesh.
Gman
(24,780 posts)
Someone bounced off to get there. Could be a dead end, in other words.
A HERETIC I AM
(24,380 posts)
PufPuf23
(8,839 posts)
in my beautiful mind and heartbreak to their spouses and families.
What a distraction.