Follow-up: How did a hacker get into UGA system?

Joe Johnson reports some of the follow-up on University of Georgia hack disclosed last year:

University of Georgia officials thought they may have been under attack from multiple hackers when the identities of thousands of employees and students went missing last fall.

But it turned out to be the work of a single person, a former UGA student, who used a proxy server that disguised the Internet Protocol address of his computer.

According to documents recently filed in Clarke County Superior Court, 26-year-old Charles Stapler Stell used a London-based website, Hidemyass.com, when breaking into UGA’s Identity Management System.

Read more on Augusta Chronicle.

About the author: Dissent

2 comments to “Follow-up: How did a hacker get into UGA system?”

You can leave a reply or Trackback this post.
  1. IA Eng - April 29, 2013

    Hide nothing. This is proof positive that people who feel comfortable about using proxy style services better prepare themselves to have their pants around thy ankles if they think they have a rock solid scheme to hide one’s IP.

    People who use these services don’t realize, or care that these services tend to act as a man in the middle to their surfing habits. Can these sites watch your browsing habits? Can these sites capture your keystrokes? If the act as a MITM (man in the middle), your connection to them is ripe for the picking.

    So you spoof your address, but the ability for you to get into the site is limited by the knowledge you have visited in the past. To ensure the path works, I bet it was first tested to see that entry could be gained. Then, he tries it behind a proxy and well, add two plus two, its not hard to retrace steps with the right forensic team and the audit trail. This is hypethetical, but more than likely they found the intrusion and prior navigation by the same individual.

    I am sure the website didn’t hide him at all when the website was offered a dilemna from the feds. People don’t understand that any communication whatsoever can be backtracked through devices if they are done within a certain timeframe. Its a long story, but eventually, that session was tracked back to the site. I haven’t been to the site, so I am unsure how they got his name, but they surely could have got his original IP. With that and a warrant, they forensically search his computer and well the rest is displayed here.

    Again, nothing is totally fool proof when it comes to disguising one self. It all depends on how far the breached organization wants to go. Here, they pushed all in and got an end result. Who knows what other material they pulled from evidence.

    Good, I hope he gets a fair trial and if found guilty sits in his cell for the primetime of his life, and headslaps himself for being so “ego-testical”.

    • Steve - May 4, 2013

      Unfortunately, you can use someone’s open wifi then a proxy server.
      Harder to catch unless you are silly enough to use your neighbours.

Comments are closed.