I found this article this morning on Wired and was quite suprised “pr0j3kt m4yh3m” still exists. Long time nothing happened and I thought the project just died after the actors in this project grew older. I was wrong, obviously. Dan Kaminsky and Kevin Mitnick are the latest victims of the security expert hunt.
Two noted security professionals were targeted this week by hackers who broke into their web pages, stole personal data and posted it online on the eve of the Black Hat security conference.
Security researcher Dan Kaminsky and former hacker Kevin Mitnick were targeted because of their high profiles, and because the intruders consider the two notables to be posers who hype themselves and do little to increase security, according to a note the hackers posted in a file left on Kaminsky’s site.
The files taken from Kaminsky’s server included private e-mails between Kaminisky and other security researchers, highly personal chat logs, and a list of files he has purportedly downloaded that pertain to dating and other topics.
The hacks also targeted other security professionals, and were apparently timed to coincide with the Black Hat and DefCon security conference in Las Vegas this week, where Kaminsky is unveiling new research on digital certificates and hash collisions.
Kaminsky made headlines last year for his Black Hat talk about vulnerabilities in the Domain Name System. He was accused by many in the security community of hyping the issue after he teased the topic in a press conference call a month before his talk without revealing details of the vulnerability, leading everyone to speculate on the nature of it. He was presented with a Pwnie award for Most Overhyped Bug and for “owning” the media.
The hackers criticized Mitnick and Kaminsky for using insecure blogging and hosting services to publish their sites, that allowed the hackers to gain easy access to their data.
Tuesday night Kaminsky removed the hackers’ note from his site and replaced it with a message reading, “Well played, guys. Could have done without the personal info dump but otherwise lets grab a beer at [DefCon].” His website is currently inaccessible. In messages posted to his Twitter page he wrote, “Messy, but heh. Walk onto a battlefield, you might get shot.”
Mitnick was once deemed by the government “the most wanted computer criminal in United States history” and was charged with 25 counts of wire and computer fraud and causing nearly $300 million in damages. He was jailed beginning in February 1995 for four and a half years without being charged and eventually pleaded guilty to 7 counts and was sentenced to 46 months in 1999, with some credit for time already served. He was released in 2000.
Mitnick has made a successful living on the lecture circuit and will soon publish a book about his experience, but he has often been accused by some in the hacking community of having few security skills and living off a dated reputation.
Source : Wired
