Sophisticated Hacker Tries to Plant Virus on Curtis Melvin’s Computer

Read his account of it here. The FBI may be interested in this, since an effort this sophisticated raises the very real possibility of a state-sponsored hack.

Curtis, you have arrived.

If anyone has any recommendations for how to detect and protect against this kind of attack, I’d be interested in hearing what they are.

0Shares

10 Responses

  1. I suggest that if you are worried about an attack then there’s pretty much two principles that will stop a potential attacker in their tracks.

    First is using Linux. Its a lot harder to crack that normal and most vulnerabilities that exist are in Windows or are for Windows programs (for example the Adobe Reader exploit Curtis was attacked with. Additionally security for a lot of Linux distributions is not just an afterthought, but a prime concern, updating to fix holes within hours of them coming known. Microsoft is known for leaving discovered bugs unpatched for long periods of time.

    Second, virtualize everything. Creating a virtual machine is exactly that, creating a machine that unique to all attackers. A good idea on howto utilize these would be to categorize information into levels of sensitivity, and have different virtual machines for storing different levels of data. For example, if someone cracked your nonsensitive virtual machine (say by sending you an infected email) they would only have access to your nonsensitive data. Your sensitive stuff would be safe somewhere.

    Oh, and a few general security tips too. Use a different password for everything. If you have anything sensitive at all: encrypt it. Treat laptops as already being compromised, and if you need to store data on them encrypt it, and then bring your laptop with you everywhere, or alternatively do something like lock it in a safe. Regard any data you send across a network you don’t control (hotel network, wifi) as essentially being public (or use something like an encrypted VPN). If you use wifi at home make sure its a network encrypted with WPA (not WEP, as that’s easily broken).

    There’s probably a lot more, but that’s probably a beginning of good list of best practises for security.

  2. I certainly second the point about Linux. I’ve been using Ubuntu ever since my 80€ Norton antivirus failed miserably to prevent a virus from making a complete mess of my Windows XP for about a fortnight, and I find it a very smooth and user-friendly OS.

  3. Why do people feel the need to attack other persons computers to begin with? Does it give them a thrill to know that they are being an ass?

  4. I have a hunch that Cao de Benos send this virus to Curtis as they used to be pals. NKEconwatch even seems to confirm pictures where Curtis and Cao are just a little bit shy of actually hugging each other, but seemingly Curtis has now embraced a slightly more ‘professional distance’, ha !

    Those trips also featured some moronic doctor from NY, who brought suitcases full of medicine and thought he was doing something noble. Fool.

  5. I am sure they’re not pals anymore, but given the fact that in 04 and 05 Curtis was part of Cao’s ‘sucker entourage’, you would expect they had at least some ‘relationship’ of sorts.

    In 04/05 he seems to have been a ‘friend of Kim’ as per this movie on YouTube and wasn’t he marching there with 25 other loonies ??