
How Georgia doxed a Russian hacker (and why it matters) - shawndumas
http://arstechnica.com/tech-policy/2012/11/how-georgia-doxed-a-russian-hacker-and-why-it-matters/
======
atamyrat
It's quite funny and genius. The article says that the malware used by Georgia is not
specified, but from the original PDF report it's clear that they used his own
exploit to attack him!

From PDF: "then gave Cyber Attacker Fake ZIP Archive with his own virus inside
and the name “Georgian-Nato Agreement”."

It was possible because they already had access to his C&C servers.

------
kylemaxwell
For me, this matters less because of "what chance do the rest of us have?" and
more because of the implications for so-called "hack back" initiatives and the thorny
problem of attribution. I don't have access to the evidence that the Georgia
CERT does, of course, but their analysis goes far beyond using a webcam and
geolocating an IP address.

It's interesting that somebody that isn't a military organization or law
enforcement (strictly speaking) comes out and admits that they infiltrated the
exfiltration with their own malware. The idea has been around a long time but
they had pretty good results, apparently!

------
vizzah
Well, to anyone who can comprehend that .pdf research in full, it will be
crystal clear that this hacker CANNOT be working for the Russian government. He
must have had his own personal reasons, likely scouting for classified info, but it
can hardly be defined as a "government attack" based on his (below average)
skill level, his surroundings and his physical location.

~~~
JagMicker
I don't think a judgement can be made at this point as to whether he was or
was not working in collaboration with some form of Russian gov.

I picture a somewhat disorganized system of Russian gov. employees sometimes
working together and other times in opposition.

The Wikipedia article about the Russian FSB mentions certain internal groups
spying on one another. It wasn't that long ago when federal agencies like the
CIA and FBI were at odds and spying on each other.

~~~
walshemj
Could very well be a co-optee, which the KGB used to do a lot in the past, and
presumably the FSB is no different.

Let's be honest, no sensible Russian is going to say no to the FSB if they ask
for a favor.

------
gadders
WTF is doxing?

~~~
seanponeil
<http://www.urbandictionary.com/define.php?term=doxing>

~~~
somabc
This is not so much doxxing as a 21st-century Wanted Poster.

------
tomrod
So, what's next? Will the world start buying computers and phones without
webcams? It seems like stories concerning malevolent webcam usage come up about
every six months.

~~~
kristofferR
Why stop buying laptops with webcams when applying a $0.01 piece of tape over
it is all that is required if you're worried about it?

~~~
al1x
There's also the standard built-in microphone. The best option is to
disassemble the laptop, remove the webcam hardware, and clip the leads to the
mic, detaching it from the motherboard. If you need a webcam, use an external one.

~~~
tankbot
Don't forget to pee in Mason jars so they can't harvest your precious bodily
fluids!

Seriously though, paranoid much?

~~~
tomrod
So... peeing in Mason jars is a sign of paranoia?

~~~
tankbot
Maybe. Unless you're a long-haul trucker trying to shave some time, but those
are typically plastic bottles.

Or I suppose some extended coding sessions? I can't imagine a real need for
such extreme tactics but who am I to say it doesn't happen.

