Перейти к содержанию

Black Liquid


Рекомендуемые сообщения

Guest blogger for Spin Hunters for this month is Sam Aldis, the founder of darkstar.me.uk. Sam started as a blackhat/script kiddie but soon he has learned a life lesson when he broke into a big football(soccer) leagues site. Sam did not serve any sentence but he had to pay a hefty fine. This is how he turned into a whitehat and now he is in the process of setting up his own security company. In this post, Sam Aldis explores several methods that blackhats may use in order to send a targeted company into liquidation. These are his words:

 

In this paper I will be explaining a few methods for forcing a business into liquidation through Black PR (or blackhat PR). This paper is based around methods which can be executed entirely from the Internet.

Attacking The Stocks

 

You don’t have to break into a stock market website because the security can be very high. The best way to send your target company into liquidation is to get access to their news server (i.e. be able to post news) with access to this and the right to post news the attack can then effect the stocks by posting bad news about the company or predictions about what’s going to happen. That will be followed by a mass selling of stocks and the company will loose money and eventually be forced into liquidation. This will work even better if news items are posted to a RSS feed which is checked by people who own stocks or shares of the targeted company.

Attacking the Internals

 

If you are able to gain access to the Intranet or internal network of the company you might be able to change important information such as inflow and outflow sheets as well as cash flow forcasts in such a way that the company will use them to make decisions that will eventually force it into liquidation.

 

You may also be able to gain access to a list of current customers and send emails/snail mail to them with bad/incorrect information about the company which will make them choose to use a different company. This will also eventually close the company down. Finally, if you are able to get access to the password for a Skype or other VoIP service then you might be able to place a phone call to a local news paper with some incorrect information that will be damaging to the company when published.

Attacking the Cloud

 

If none of the above methods are possible then it is possible to leak false information into the "cloud" (the Tnternet). This can be done in several ways. The following list contains some of them:

 

* Sending an email pretending an employee of the company and give information that will discredit the company.

* Posting information about the company to your own blog/website if it has a good PR (page rank)

 

Spread rumors on social networks and other communication media on the Internet.

 

All of them can be done in an automatic manner.

 

Thanks for reading this short paper. We at darkstar take no responsibility for your actions.

Ссылка на комментарий
Поделиться на другие сайты

Заархивировано

Эта тема находится в архиве и закрыта для дальнейших ответов.

×
×
  • Создать...