Freeman Cebu Lifestyle

Meet Paperghost - the ethical hacker

INFOSEC AWARENESS MONTH - Maria Eleanor E. Valeros -

September 21, 2011 | 12:00am

A penchant for online gaming brought this webmaster to becoming Microsoft’s Most Valuable Professional Awardee in the field of computer security in 2006.

British computer security researcher Christopher Boyd, better known for his online pseudonym Paperghost, graced the 5th staging of the Rootcon Hackers Conference here recently. The gathering bannered the theme “Hackers Unite” in the hope of propagating ethical hacking. This is because a hacker is supposed to be someone who goes into the depths of any system and tries to understand how things actually work; not just someone who runs a bunch of scripts from the Internet to try and break information systems (as defined by iisecurity.in).

Boyd came with a warning to all gamers that consoles can be platforms for hacking or destruction of valuable information systems (accumulated points, for example).

“Console (In)security: The Oncoming Storm” tackled on current and emerging game threats and the need to protect both the online gaming industry and its various communities from these methods of attack: gamers in gaming session, system tampering, social engineering/rogue programs online, and attacking console maker (penetrating databases and live support).

In his presentation, it was learned that four in 10 gamers have no idea of threats powered by consoles; eight in 10 have no record as to who uses the console; 49 percent have a console in the workplace, and that 44 percent have a net connected.

Boyd specified that aside from gamertag hacking, plenty of hackers are out there to harass gamers because of this highly profitable business. Gamer scores, for example, are subjects of exploitation in game systems. “Game sessions show scores in real time. So the top scorers become vulnerable to the attack,” he said.

Other modes of harassment come in the form of fake comments, encouraging one to level up but only to be frozen somewhere or player/multiplayer kicked out of the session. Victims account even go booommm! Worst, passwords key in incorrectly. Message center also sends in miscellaneous promotions and giveaways to entice gamers to bite the bait.

Solutions at hand which assure of immediate relief from the nagging symptoms of an infected latest-generation technology include keeping in charge of the console management as well as Parental Lockout features to require passwords; using logbook in recording who uses console and when; avoiding using company name in any gaming account; and considering if the console really needs to be online.

It was in July 2004 that Boyd launched Vitalsecurity.org and that he has been instrumental in uncovering and bringing to the public attention issues of [digital] privacy and spyware. In general, it has been defined that spyware is any technology, such as tracking software, that aids in gathering information about a person or organization without their knowledge.

In November 2004, a modular hacking technique was employed to compromise Windows end-users by hacking Apache servers. When hacked, the servers would redirect a user on any of the server’s Web sites, leading them to a set of ever-changing infection pages. These pages employed recorded viruses, Trojans, malware (malicious software) and spyware. This technique is used heavily today by the groups behind the spyware “CoolWebSearch.”

Boyd continues to make significant discoveries in the field of security since 2006. Among the milestones in his career is the discovery of a 150,000-strong Botnet ring that used a custom-built Perl script to steal payment data from third party shopping cart applications.

In infotech, Botnet is a collection of compromised computers connected to the Internet, termed bots, that are used for malicious purposes. A zombie army, also known as a botnet, is a number of Internet computers that, although their owners are unaware of it, have been set up to forward spam and viruses. Meanwhile, Perl script refers to common gateway interface scripting language.

Another important discovery he made was the exposé of a web-browser that redirected end-users to potentially illegal pornography. He was also credited for unraveling an Instant Messaging worm that installs its own web browser; a modular, multi-chained string of infections dubbed the “Pipeline Worm”; and an Instant Messaging infection that uses Botnet-style tactics to enable click fraud (a type of Internet crime that occurs in pay-per-click online).

Above all, Boyd had discovered that adware makers Zango were promoting their content on social network MySpace and the worm using “Quicktime” files to spread across MySpace with the intent of pushing Zango adware (software package that plays, displays or downloads advertisements to a remote computer).

When asked if such attacks could be the potent reason as to why a number of social engineering and networking sites as well as music and video content endeavors folded up, Boyd replied in the affirmative, pointing out how costly the task is on the part of the developers. And very taxing too for end-users!

Boyd is currently a senior threat researcher connected with GFI Software. The firm provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises via an extensive global partner community. Check www.gfi.com.