
SANS ISC: Lessons learned from the Palin (and other) account hijacks - SANS Internet Storm Center

Lessons learned from the Palin (and other) account hijacks

While a number of you e-mailed in last week about the account hijacking of Gov. Palin's Yahoo! e-mail account, we didn't comment on it in the diary here because it was pretty well covered in the mainstream press and we didn't have anything of significance to add, although we did have some interesting conversation among the handlers in e-mail and in our Jabber channel about obfuscating the answer by, for example, taking the MD5 hash of it and using that. This morning, as I was trying to decide what diaries to write, I did get to thinking about whether there are any lessons to be learned from this and other recent high-profile account hijackings (pdp at GnuCitizen, Alan Shimel, etc.). Before I really got any thoughts written down, however, I happened across this story on our friend Gary Warner's blog and decided that he covered it well enough that I'd just send you over there. About the only thing I'd do differently than Gary suggests is I'd MD5 or SHA-1 (or SHA-256) the lies. Enjoy.

Sep 22nd 2008
