Irked By Cyberspying, Georgia Outs Russia-based Hacker
coondoggie writes "In one of the photos, the dark-haired, bearded hacker is peering into his computer's screen, perhaps puzzled at what's happening. Minutes later, he cuts his computer's connection, realizing he has been discovered. In an unprecedented move, the country of Georgia — irritated by persistent cyber-spying attacks — has published two photos of a Russia-based hacker who, the Georgians allege, waged a persistent, months-long campaign that stole confidential information from Georgian government ministries, parliament, banks and NGOs."
Re: (Score:1)
Story says hacker knew he was hacked after 10 minutes. How does that explain two pictures different angles one shirt less.
Why would Georgia admit to it?
Re:lol georgia (Score:4, Funny)
> Story says hacker knew he was hacked after 10 minutes. How does that explain two pictures different angles one shirt less.
It's a well-known and interesting fact that hackers can move their laptops and put on a shirt in less than five minutes.
Re:lol georgia (Score:4, Funny)
Re:lol georgia (Score:5, Insightful)
Does using a trojan count as hacking? I can't keep up with things these days.
Still the part where the 'hacker' downloads an executable file, and runs it...that's weak sauce. One, it tells us he's probably running Windows. Two, it shows he is an idiot: what 'hacker' blindly runs an executable file, even one given to him by 'friends'?
See, if the 'authorities' had managed to capture an image of him by pulling apart a botnet client, tracing the originating command server through several wayward paths, spelunking their way up the internet one router at a time until they found the source of the packets containing a fraudulent origin IP address, then exploited a weakness on a service running on a common port that wasn't patched / no one knew about, then turned on his webcam to grab a photo or two of him while quietly copying evidence off his machine, I'd be inclined to say "GG" and award some finger-snaps for one-upping someone on their own battlefield.
But using social engineering on someone running a common operating system, someone without the common sense inherent in a level one helldesk operator (do not run unknown executables)...I mean, he doesn't even fire up a VM and lock it off the internet before running the thing? Does anyone actually think this guy was anything more than, at best, a script kiddy, and at worst, a pawn?
If this is the best news that they can put out these days regarding their capture of 'cyber-criminals,' there either aren't any, or they're getting schooled.
Here's a hint for understanding power in the virtual realm -> if you need to work with others to achieve something, or need to get a judge to sign off on something, you're doing it wrong. If you need to call up a Bell to run a data tap to find the equivalent of the opportunistic thief robbing a 7-11...then you don't know enough about technology to 'fight' effectively.
Re: (Score:2)
One: what difference does it make if he runs Windows or not? Would he be more eligible to be a hacker if he was running AmigaOS or BeOS or what are you trying to say?
Two: The article did not say anything about running an executable file. It said he had downloaded a zip file called "Georgian-Nato Agreement", not that the zip contained exe's. There are other files than just executables that can contain malicious code, for example the guy himself is supposed to have used XDP files.
Re: (Score:2)
Does it matter that he's running Windows? Perhaps not. Does it cast doubt on whether this 31337 h@x0r was anything more than a script kiddie acting on the orders of someone else / using someone else's software? Yes.
Honestly, I do not understand why some people seem to think that to be a cracker, you must be an idiot with a flaw. As in, "despite working with dangerous code on a daily basis, no cracker would ever run untrusted code inside a VM with no ports to the internet." That it's all just some form of au
Re: (Score:2)
> Here's a hint for understanding power in the virtual realm -> if you need to work with others to achieve something, or need to get a judge to sign off on something, you're doing it wrong. If you need to call up a Bell to run a data tap to find the equivalent of the opportunistic thief robbing a 7-11...then you don't know enough about technology to 'fight' effectively.
You missed the part about having to wear a long black leather trench coat. Everyone knows that all the leet h@xx0rz all wear trench coats.
Re: (Score:2)
Except that the post is fairly accurate. Operational security is considered a big aspect of the h@x0r culture; the higher up you go, the more operational security they tend to use.
What part of that is BS? Or, as I suspect, with no ID and no evidence to counter my argument, you are purely a troll.
Re: (Score:2)
Re: (Score:1)
My Dad was reading some of those old 1990's cyber-spy-crime-somethinginternet novels recently (think 'Len Deighton' approved, etc.).
He put down one of the books one day and asked me: "How the hell could someone hack into the CIA??" and I said, "Dad, that was like, 30 years ago. Facebook knows more about your life now than the KGB could ever have."
He acted like he knew what I was talking about and continued reading. Later on, he asked me why Virtual Reality hadn't been used in the Gulf War because that woul
Borat! (Score:2)
I want to make love explo....
ahhh...fuck it. time for bed. I have web apps to write tomorrow.
A "hacker" or a "cracker"? (Score:2, Funny)
Can somebody help me out here? Since the title of this submission has "hacker" in it, I thought it'd be about some guy who does cool stuff with hardware, or somebody who has been writing some intense open source software. But I don't see any of that here. Is this submission actually discussing a "cracker", rather than a "hacker"?
Re: (Score:2, Funny)
I had the same eye-twitching reaction, but I fear we lost that battle 20 years ago.
Anyway, with the word "cracker" in the headline people might have mistakenly assumed it was about the American state.
Re:A "hacker" or a "cracker"? (Score:5, Funny)
In the UK, something really good, as in "she's a cracker".
Short hand for 'firecracker'.
Someone who breaks computer security.
Someone who can open a safe without the combination.
Something to do with an American state, not sure what?
Re: (Score:2)
A Georgia cracker [wikipedia.org]; so did you do that on purpose?
Re: (Score:2)
Re: (Score:2, Insightful)
Except it was the other way around - russkies wanted their colonies back. And speaking of escaping the gravity well, Estonia seems to be in the clear. Good on them!
Re:Hell, here we go again: (Score:5, Informative)
Re: (Score:2)
It was separatists, not the Georgian military, and it happened after a long list of provocations by Russia involving Abkhazia and South Ossetia. In 2008, Russia shot down a Georgian drone over Abkhazia, which they did not technically have the right to do, as it was part of Georgia. Things got worse from there.
Here's the Wikipedia account; start your editors!
http://en.wikipedia.org/wiki/2008_Georgia–Russia_crisis [wikipedia.org]
Re: (Score:2)
Re: (Score:3)
Russia shot down a Georgian drone.
Georgia shelled the Russian peacekeeper force barracks, killing several dozen people. And that was a detour - primarily, they were indiscriminately shelling residential blocks of Tskhinval.
Those are totally two comparable "provocations".
Re: (Score:3)
"Tskhinval or Ch'reba; Russian: ()), is the capital of South Ossetia, a disputed region which has been recognised as an independent Republic by Russia and another four UN members, and is regarded by Georgia and all other UN member states de jure as a region within Georgian sovereign territory."
http://en.wikipedia.org/wiki/Tskhinvali [wikipedia.org]
Perhaps you should shell a barracks when a foreign power builds one in one of your cities. At least according to the 189 of the 193 members of the UN who agree that Ossetia is p
Re: (Score:2)
Re: (Score:2)
The Russians are only following what the EU/America did 10 years earlier to Serbia (Considered an ally of Russia). I strongly suspect that the reason the EU/US didn't protest much was due to the fact they didn't have a leg to stand on (don't throw rocks from glass houses and all that).
The West annexes part of a Russian ally, Russia annexes part of a Western ally. Geopolitics at work, only the small countries and their peoples suffer.
Re: (Score:2)
Those regions were already de facto independent ever since their last wars with Georgia have concluded in early 90s - just not recognized as such by most other countries.
Oh, and you do realize why [wikipedia.org] Ossetians and Abkhazians fought for their independence even back then, right?
Re: (Score:1)
Re: (Score:2)
"Tskhinval or Ch'reba; Russian: ()), is the capital of South Ossetia, a disputed region which has been recognised as an independent Republic by Russia and another four UN members, and is regarded by Georgia and all other UN member states de jure as a region within Georgian sovereign territory."
Kosovo was also "a region within Serbian sovereign territory", but when the Serbs started to wipe out the locals - which, according to you, they had full rights to, as a sovereign country - their whole country was pounded much worse than Georgia.
In any case, South Ossetia has already fought a war of independence in 1992, and has been de facto independent and running itself for 16 years before the Georgian tanks rolled the streets of its capital to "restore territorial integrity". For some mysterious reason,
Re: (Score:2)
> Kosovo was also "a region within Serbian sovereign territory", but when the Serbs started to wipe out the locals - which, according to you, they had full rights to, as a sovereign country - their whole country was pounded much worse than Georgia.
By "you", I assume you mean the US government, which I assure did not represent my personal views in the matter, and whose executive at the time was an asshole I voted against in the previous presidential election, right?
Get a grip: the US has an internal revolution every 4-8 years; we just do it peacefully, rather than by lobbing shells between the red and blue states. You might want to try it some time.
You guys really don't "get" Democracy yet, do you? So the majority of you elected an asshole, Gamsakhu
Re: (Score:2)
> By "you", I assume you mean the US government, which I assure did not represent my personal views in the matter, and whose executive at the time was an asshole I voted against in the previous presidential election, right?
By "you", I mean all the countries that raised the fuss about the conflict. These were mostly the same countries that directly participated in the military operation against Serbia back in the day, bombing their capital etc.
More specifically, by "you" I mean you in particular, since you've implied that Georgian Army shelling and assaulting an Ossetian city, indiscriminately targeting civilian objects, is a-ok because it is "within Georgian sovereign territory". That's a bullshit excuse, not really any diffe
HA HA (Score:1)
Communist dirt bag Got caught with his shirt off.
The real story is they pawned him with porn lol
Gigantic applause for security practices... (Score:1)
Once again, we can see how tremendously useful public servants have been in setting up secure systems, using secure OSes, good security practices, etc.
The infection vector was what? Some automatically run PDF shipped Base64-encoded in an XML file?
I mean. Like. Opening a PDF gets you rooted!?
Wow. Just wow.
But, hey, no problem... Because from TFA apparently some taxpayers' money had been spent buying some local "Dr. Web" antivirus.
As long as people are going to consider it normal to be infected this way an
Another Adobe exploit (Score:3)
Re: (Score:2)
I blame moose and squirrel.
Tomorrow's news (Score:4, Insightful)
"Bearded man found shot dead in Russian apartment, found hunched over keyboard."
The Georgians don't mess around, any more than the Russkies do.
He'd better watch his back.
Re: (Score:2)
I was thinking the same thing. Another lone-wolf hacker ;)
If he has half a brain, he's trying to turn himself in to the nearest NATO-affiliated embassy. If not, he will shortly disappear.
In Soviet Russia, you get hacked.
Re: (Score:2)
I don't know. If I were Russia, I'd simply deny all knowledge of the guy while doing my damnedest to keep him alive. Arresting him on some kind of charges comes to mind.
If I were Georgia, I'd publish his picture, make it a huge deal, then make sure the whole world found out he died in order to discourage new recruits.
If I were Russia, I wouldn't mind at all if he died - so he cannot expose any (more) secrets about his handlers, etc.
Re: (Score:1)
Exactly so. The fool is a liability now. Sucks to be him.
Re: (Score:2)
"that's the night
that the lights went out
in georgia..."
Re: (Score:1)
Politics are dirty (Score:4, Insightful)
Re: (Score:2)
Re: (Score:1)
> Politics are dirty and the truth is far from what the officials say in that part of the world.
And that differs from this part of the world how?
Webcams (Score:5, Insightful)
Public Service Announcement:
Don't hack with a web cam plugged in.
Re: (Score:3, Interesting)
..... or microphone plugged in, or from your own pc, or from a non one way-terminal (like x/vnc), or open unknown target's docs on your own machine instead of a burnable vm, etc,....
Doesn't sound like a top-level professional, but the junior-grade trainee - probably taking orders from above.
Re: (Score:2, Funny)
Exactly. If this guy wasn't hacking via some node he pwned (or through several routed nodes), he's just a neophyte. Too bad he's good as dead now that the Georgians are after him and the Russians don't like failure.
Re:Webcams (Score:5, Insightful)
> Doesn't sound like a top-level professional, but the junior-grade trainee - probably taking orders from above.
Or, you know, also sounds like not a hacker at all.
What makes you think he's an actual hacker and not just someone who was a source of inconvenience for other reasons?
Re: (Score:1)
Right. We don't.
Re: (Score:2)
Carpet (Score:4, Funny)
Re: (Score:2)
Borat's bumbling was just cover for a true-to-life Eastern European cyber-James-Bond?
uh, no...
Re: (Score:1)
Looks more like pressed tin
Re:Carpet (Score:5, Funny)
> Looks more like pressed tin
Hmm. You might be right. Perhaps he added that as a comfort feature so that he could remove his tinfoil hat when indoors.
Re: (Score:3)
Comment removed (Score:5, Informative)
Re: (Score:1)
You know what, they install the tin ceiling stuff in almost every cheesy new bar around here.
Re: (Score:2)
Also, have I seen that guy in a movie somewhere?
Edward Norton.
http://globalhiphopbattles.com/wp-content/uploads/2010/12/edward-norton.jpg [globalhiphopbattles.com]
Re: (Score:3)
It's not carpet, they're styrofoam plates to imitate embossed plaster. You see that quite often in flats in Soviet-era prefab apartment blocks.
People used that sort of thing as part of low-to-medium-end remodels to individualize their flats a little bit, in particular in the 1990s, together with closing their balconies with masonry to get a little bit of extra (super-small) floor space, partly removing the inner wall sections to get a more individual layout, and moving the kitchens to the balcony to use the
Re: (Score:2)
I also got a ride (over cobblestones) in a Trabi, since consigned to history.
Poor Sergei (Score:1)
First his ARM got hacked..... then his legs and head!
Captcha: deterred
In Soviet Russia... (Score:5, Funny)
bearded? (Score:1)
Since when is having a mustache enough for one to be considered "bearded"? As a bearded man myself I'm offended. lol
Re: (Score:2)
> Since when is having a mustache enough for one to be considered "bearded"? As a bearded man myself I'm offended. lol
I noticed that as well and the only reasonable conclusion is that the rest of his beard is invisible.
What's most surprising to me is the webcam (Score:4)
Re: (Score:2)
Most laptops have a hardwired LED that comes on when the camera is powered up. It gives you less than a second to get out of the way though.
Re: (Score:2)
Rule of International Hacking (Score:2, Funny)
Re: (Score:2)
And they only have the 3rd cleanest prostitutes in the region.
Spy? (Score:2)
Doesn't look like a government agency to me, although it's possible that the guy works from home.
Georgia outs bad Russia-based hacker (Score:2)
I don't think so
--
'The accounts are encrypted with a 1024 bit cipher. Even I can't break through the fire wall', Swordfish
Big Hit (Score:2)
He should have used the phone buster buster.
When do we start seeing deaths? (Score:3)
Infected through a ZIP file? (Score:1)
From the story:
>On that computer, they placed a ZIP archive entitled "Georgian-Nato Agreement." He took the bait, which caused the investigators' own spying program to be installed.
Elite, wasn't he? Infected by a ZIP file...hmm.
subject (Score:2)
He should have bounced his connection through InterNIC and then erased the logs.
Script Kiddie != Hacking (Score:1)
If running a premade script and following instructions someone else wrote makes me a hacker, does that mean I can go buy a toy store chemistry set, perform a few preset experiments and call myself a chemist?
Re: (Score:2)
No but you could call yourself a terrorist.