Skip to content

Posts tagged ‘fraud’

26
Mar

Safari, Mac OS X and Fraudulent SSL Certificates (Comodo)

Following the recent hacking of Comodo, a certificate authority that distributes SSL certificates, web users to the following domains are at a higher risk of phishing and sniffing attacks:

  • login.live.com
  • mail.google.com
  • www.google.com
  • login.yahoo.com
  • login.skype.com
  • addons.mozilla.org

Attackers were able to obtain SSL certificates for these domains, essentially allowing them to pose as those websites. The certificates have since been revoked by Comodo, however this relies on browsers checking for them by checking Comodo’s Certificate Revocation List (CRL) and having the Online Certificate Status Protocol (OCSP) enabled. Firefox and Chrome were updated last week to block the fraudulent certs, but Safari doesn’t do CRL and OCSP checking by default.

Hit the jump for how to enable these checks in OSX and Safari. Read moreRead more

3
Feb

LIGATT CEO Gregory D Evans Hacked and Exposed

It appears that the website (rm’d), email and Twitter account of the much disliked LIGATT CEO Gregory D Evans have been hacked, and 84,668 of his emails have been leaked in a 4.15GB torrent. Evans, self-declared “World’s Number 1 Hacker” and also a convicted felon, is frequently outed by many in the security industry for his use of plagiarism, fraud and unethical practices. This leak is probably due to his consistent harassment of security professionals who have been vocal about exposing his activities. A full and descriptive profile of Evans is available at SecurityErrata.org.

Messages were posted on Evans’ hacked Twitter account (above), pointing to a Pastebin (since removed). Here is an excerpt:

Do not meddle in the affairs of hackers, for they are subtle and quick to anger.

When one thinks of frauds in the infosec community, most people are quick to point to Gregory D Evans of LIGATT Security[…]

He’s gone after people at their home to intimidate them and their family. He’s gone after them at their work to discredit them with their employer. And as everyone knows, he recklessly sues anyone who speaks negatively of him on the internet[…]

Enough is enough. He must be stopped by any means necessary. To that end, at the end of this message is a torrent of the inbox of [email protected].

The end of the message contained a link to another pastebin (also removed), which was a Base64-encoded torrent file. The password for the archive in the torrent, as posted on his Twitter feed, is “DoomedCharlatan”. Ligattleaks (now offline), a site dedicated to leaking information about Gregory Evans’ activity (although they say they were not involved in this particular leak), have announced that they will be trawling the emails for evidence of fraud and unethical behaviour.

[Updated] Ligattleaks is back online offline online offline, for good it seems. Another security firm (HBGary) hacked and exposed for investigating Anonymous.

[Update 15/2/2011] CBS Atlanta had a news segment about LIGATT and Gregory Evans entitled “Hacker or Hoax”.  LIGATT responds to CBS Atlanta (link removed as his site was found to be distributing malware). This post debunks LIGATT’s response.

When one thinks of frauds in the infosec community, most people are
When one thinks of frauds in the infosec community, most people are
quick to point to Gregory D Evans of LIGATT Security.quick to point to Gregory D Evans of LIGATT Security.
css.php