Archive for August, 2009

Kaseya helps find a stolen laptop


Tuesday, August 18th, 2009

An 18-year-old, accused of stealing a laptop in Melbourne and surfing porn on it, thought he was home free after evading police for two months, but he came undone when he logged on to Facebook.

The laptop was reportedly stolen from a staff member of ladder manufacturer Branach in the vicinity of Narre Warren, in Melbourne’s south-east, on June 8.

Fortunately for Branach, the company is a client of Sydney-based managed IT support firm Navigatum, which can connect to and control any of Branach’s laptops and diagnose technical problems from anywhere.

Using remote access software called Kaseya, Navigatum senior network technician David Stevenson set up an alert so that, whenever the stolen laptop was used to log in to the internet, the software would send him an email.

“I can tell when he’s online and from there I can jump on to my laptop and start watching what he’s doing,” Stevenson said in a phone interview.

“We were watching him for a little while but, because he was logging on at really random times like really late at night, we set up some scripts to capture [screenshots of] what he was doing on the screen every 30 seconds, and that was then uploaded to our server.”

On top of that, Stevenson installed a keylogger on the laptop “so we were able to log all of his keystrokes and passwords and websites that he visited”.

Stevenson said it was a few weeks before the user first began browsing the web with the laptop on June 24.

The screenshots, seen by this reporter, allegedly showed the thief browsing for porn videos for the first few weeks. He allegedly sourced the racy clips by conducting Google searches for terms such as “porn” and “porn videos”.

But Stevenson knew that, if he bided his time, the user would slip up eventually. It wasn’t possible to identify him immediately because the stolen laptop did not have a webcam.

Towards the end of July, the teen logged in to his Facebook account and, within an hour, he was arrested and charged with the theft, Stevenson said.

“From his Facebook account we managed to get his date of birth and school that he went to, and from there we were able to track him down,” Stevenson said.

This reporter saw the screenshots of the Facebook account but these, along with the alleged thief’s name, cannot be revealed for legal reasons.

Victoria Police confirmed the incident and said the teen was charged with theft but had yet to face court.

Stevenson said the police told him that, thanks in large part to his detective work, they were able to get the alleged thief to admit to a string of car thefts in the area. He also dobbed in two of his accomplices, Stevenson said.

“They [police] weren’t impressed with the amount of paper work they had to fill out so I’d say they managed to retrieve quite a lot,” he said.

Stevenson’s high-tech vigilante detective work is one of the first cases of geek justice found in Australia but it follows a string of similar cases overseas.

See the full post.

Pathway Solutions is now using Kaseya for our network management for clients. We have been able to speed up response time and keep up with backups, updates, and trouble tickets much faster since we initiated this.

Find out more by visiting us at http://www.itpws.com

Scott Kintz

Posted in Network, Web | No Comments »

Twitter killed by Zombies


Thursday, August 6th, 2009

Twitter was brought down for several hours today by what is called a DoS (Denial of Service) attack. This is done with several computers that are taken over by viruses and used to launch attacks against your own network or against other networks or services. These taken-over computers are called Zombies. If your computer isn’t equipped with up-to-date anti-malware software and the latest version of your operating system, you could be part of the problem.

Twitter has confirmed that its outage Thursday morning and subsequent intermittent problems were due to an ongoing denial-of-service attack.

Typically a DoS attack of this kind, which is often called a distributed denial-of-service (DDoS) attack, results when multiple computers simultaneously try to access the site in question. Usually that happens because the attacking PCs are infected with malware that does the dirty work for whoever is behind the attack.

* Use a good anti-malware suite from a reputable vendor. Pathway Solutions can help you do an analysis to see if you are infected.

* Make sure your operating system has the latest patches. Visit Microsoft and Apple security pages for information. Using a provider to make sure that you are up to date is a worry-free way of taking care of this.

* Avoid clicking on e-mail links that take you to Web sites you’re not familiar with (malware is often distributed through “drive-by downloads” from disreputable or infected sites). Recently I have seen cases where you will get an email from yourself with an attachment that is infected. This is a common way that the attack is introduced to your network.

For more help with securing your network and making sure all your systems are up to date and virus free visit http://itpws.com

Pathway Solutions, Inc.
scott@itpws.com

425.374.0888
