This story actually gave me a lot of LULZ, how stupid can you be seriously? Man this guy made so many mistakes for someone so paranoid (he had a web cam setup outside his appartment door so he could see who was coming)..
He wasn’t exactly making it hard for someone to find him..especially seen as though he actually WORKED IN THE HOSPITAL.
The leader of a malicious hacker collective who used his job as a security guard to breach sensitive Texas hospital computers has been arrested just days before his group planned a “massive DDoS” attack for the July 4 Independence Day holiday.
Jesse William McGraw, 25, of Arlington, Texas, was taken into custody late Friday evening after posting screenshots showing he had complete control of computers that administered air-conditioning systems at The Carrell Clinic in Dallas, federal prosecutors said. McGraw also brazenly posted videos showing him installing malware on hospital computers that made them part of a botnet he operated, said a network security expert, whose sleuthing uncovered the breach.
As a contract security guard at the hospital, McGraw had no authorized access to any of its computers. But that didn’t stop the miscreant, who went by the handle GhostExodus, from taping himself as he walked down the halls of the hospital with a blue security guard uniform poking out through a gray hoody, as he bragged about gaining control over sensitive computers.
If there was ever an original script kiddy, I think this guy fits the bill perfectly.
Seems like his l33t hacking skills extend to walking into rooms he has access too (with a security card), and taking some screenshots!
Or perhaps even sometimes he booted in with BackTrack and reset the passwords.
“It’s a unique mindset among these hackers,” said Wesley McGrew, a 29-year-old network PhD network security researcher at Mississippi State University. “It’s all about respect and fame and the respect of their equally weird peers.”
According to McGrew and federal prosecutors in Dallas, McGraw was the leader of a hacker gang known as the Electronik Tribulation Army. He had recently posted videos admonishing fellow hackers to carry out a “massive DDoS,” or distributed denial of service, attack on July 4, a date he called “Devil’s Day”. While the target and other details of the attack are unknown, the investigators are taking the threat seriously because McGraw, prior to his arrest, had tendered his resignation as a security guard job effective July 3.
According to court documents, hospital officials had experienced problems with their HVAC, or heating, ventilation and air-conditioning, units and were perplexed why none of the system alarms had gone off as programmed. Had they seen screenshots posted here by someone calling themselves GhostExodus, they would have known why. They images showed the HVAC control window for the hospital’s surgery unit. A test alarm setting was turned to “inactive.”
“You almost can’t help it ya know,” GhostExodus writes. “It must be done!”
Yah you just can’t help messing with the critical HVAC system of a hospital YOU TOOL. What is the point of that anyway, other than bragging rights (which will only impress other script kiddies).
Who knows…I guess if he had any real skills he wouldn’t be working as a security guard and he’d actually be using his talent to make some real bank.
Oh well, good luck to you I say GhostExodus.
Source: The Register
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- Heartbleed Implicated In US Hospital Leak
- The Conscience of a Hacker AKA The Hacker’s Manifesto By The Mentor
- Royal Canadian Mounted Police Arrest Heartbleed Hacker
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,135,231 views
- Hack Tools/Exploits - 578,573 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 412,703 views