By Conrad Walters
October 9, 2008
WHEN Australian web users learned from the Herald that details of their
online accounts  had been posted on a hacker's website for all to
see, they were suspicious, then alarmed, then furious at the hacker who
compromised their identities.
Email addresses, matched with user names and passwords for online
memberships, were offered by the hacker for anyone wanting to try their
hand at identity theft or even financial fraud.
The Herald stumbled across the site during its investigations into
online fraud. "It's obviously startling," said Lachlan Yee, a research
associate in biotechnology at the University of NSW and one of those
whose details were exposed by the hacker.
Dr Yee instantly recognised a password linked with his university email
address. Fortunately, the password was only used for "not-so-crucial"
uses such as online sports forums, he said.
The distributor of the data, a hacker who uses the name Farbod, offered
9600 identities for free. His motivation? To earn status and credibility
on a website that rates hackers' skills.
Farbod, who purports to be from Texas, has already advanced in rank from
lowly "pirate in training" to "Microsoft nightmare".
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!