Researcher: Tools Will Help Personalize ID Theft by 2010By Lisa Vaas | Posted 2007-04-19 Email Print
Know the Risk: Digital Transformation's Impact on Your Business-Critical Applications REGISTER >
A well-known security expert demonstrates a framework at the CanSecWest conference that makes it easier for criminals to steal identifying data.
VANCOUVER, British ColumbiaHackers with scrounged-up data ask the same question as dogs who've caught the school bus: What do we do with it now?
Roelof Temmingh has the answer, at least for rogue hackers, in the form of a framework that makes identity theft a much easier proposition. The framework, which is in the early stages of development, is called Evolution. Temmingh, a security expert who's authored well-known security testing applications such as Wikto and CrowBar, demonstrated Evolution during his opening presentation here at the CanSecWest security conference on April 18.
Evolution works by feeding on disparate identifying data such as name, e-mail address, company, word or phrase, and Web siteor the hacker's version of that, which would translate to IP address, virtual hosts, Netblocks/AS routes, affiliations (with social sites such as LinkedIn, MySpace, Facebook, and so on), forward and reverse DNS-MX/NS records, Whois records/rWhois and referring registrars, Google, and microformats including, for example, vCards.
Read the full story on eWEEK.com: Researcher: Tools Will Help Personalize ID Theft by 2010.