Jump to content

‘Anti-capitalist’ Verkada hacker charged by US government with attacks on dozens of companies - Piracy News and Crypto Updates - InviteHawk - Your Only Source for Free Torrent Invites

Buy, Sell, Trade or Find Free Torrent Invites for Private Torrent Trackers Such As redacted, blutopia, losslessclub, femdomcult, filelist, Chdbits, Uhdbits, empornium, iptorrents, hdbits, gazellegames, animebytes, privatehd, myspleen, torrentleech, morethantv, bibliotik, alpharatio, blady, passthepopcorn, brokenstones, pornbay, cgpeers, cinemageddon, broadcasthenet, learnbits, torrentseeds, beyondhd, cinemaz, u2.dmhy, Karagarga, PTerclub, Nyaa.si, Polishtracker etc.

‘Anti-capitalist’ Verkada hacker charged by US government with attacks on dozens of companies


Recommended Posts

A Swiss computer hacker named Tillie Kottmann has been charged by the US government with multiple accounts of wire fraud, conspiracy, and identity theft. The indictment accuses Kottmann and co-conspirators of hacking “dozens of companies and government entities,” and posting private data and source code belonging to more than 100 firms online.

The 21-year-old Kottmann, who uses they / them pronouns, was most recently connected to the security breach of US firm Verkada, which exposed footage from more than 150,000 of the companies’ surveillance cameras. But the charges filed this week date back to 2019, with Kottmann and associates accused of targeting online code repositories (known as “gits”) belonging to major private and public sector entities, ripping their contents and sharing them to a website they founded and maintained named git.rip.

KOTTMANN IS LINKED TO DATA BREACHES FROM MICROSOFT, INTEL, NISSAN, AND MORE

Git.rip has since been seized by the FBI, but previously shared code and data belonging to numerous companies including Microsoft, Intel, Nissan, Nintendo, Disney, AMD, Qualcomm, Motorola, Adobe, Lenovo, Roblox, and many others (though no firms are explicitly named in the indictment). The exact nature of this data varied in each case. A rip of hundreds of code repositories maintained by German automaker Daimler AG contained the source code for valuable smart car components, for example, while a breach of Nintendo’s systems (which Kottmann said did not originate from them directly but which they reshared through a Telegram channel) offered gamers rare insight into unreleased features from old games.

In interviews about earlier breaches, Kottmann noted repeatedly that the data they found was usually exposed by companies’ own poor security standards. “I often just hunt for interesting GitLab instances, mostly with just simple Google dorks, when I’m bored, and I keep being amazed by how little thought seems to go into the security settings,” Kottmann told ZDNet in May 2020. (“Google dorks” or “Google dorking” refers to the use of advanced search strings to find vulnerabilities on public servers using Google.)

In the case of the Verkada breach, Kottmann and their associates reportedly found “super admin” credentials that gave them unfettered access to the company’s systems that were “publicly exposed on the internet.” These logins allowed the hackers to look through the live feeds of more than 150,000 internet-connected cameras. These cameras were installed in various facilities including prisons, hospitals, warehouses, and Tesla factories.

Kottmann said they were motivated by a hacktivist spirit: wanting to expose the poor security work of corporations before malicious actors could cause greater damage. Kottmann told BleedingComputer last June that they didn’t always contact companies before exposing their data, but that they attempted to prevent direct harm. “I try to do my best to prevent any major things resulting directly from my releases,” they said.

KOTTMANN SAID THEY WERE MOTIVATED BY AN ANTI-CAPITALIST IDEOLOGY

After the Verkada breach, Kottmann told Bloomberg their reasons for hacking were “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism — and it’s also just too much fun not to do it.”

The US government, not surprisingly, takes a dimmer view of these activities. “Stealing credentials and data, and publishing source code and proprietary and sensitive information on the web is not protected speech — it is theft and fraud,” Acting U.S. Attorney Tessa M. Gorman said in a press statement. “These actions can increase vulnerabilities for everyone from large corporations to individual consumers. Wrapping oneself in an allegedly altruistic motive does not remove the criminal stench from such intrusion, theft, and fraud.”

The indictment includes as evidence, numerous tweets and messages sent by Kottmann using handles including @deletescape and @antiproprietary. These include a tweet sent on May 17, 2020 saying “i love helping companies open source their code;” messages to an unnamed associate soliciting “access to any confidential info, documents, binaries or source code;” and tweets sent on October 21 in which Kottmann said that “stealing and releasing” corporate data was “the morally correct thing to do.”

Kottmann is currently located in Lucerne, Switzerland, where their premises were recently raided by Swiss authorities and their devices seized. Whether or not they will be extradited to the US is unclear. Bloomberg reports that Kottmann has retained the services of Zurich lawyer Marcel Bosonnet, who previously represented Edward Snowden. The charges against Kottmann carry up to 20 year prison sentences.

Link to comment
Share on other sites

Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and user will be warned if it happens again. If caught spamming, the following actions are applicable -

  • First time - Warning
  • Second time - 5000 Points will be deducted
  • Third time - Ban for 7 days
  • Fourth time - Permanent Ban

If the post helped you, reward the user by reacting to the post like this -

1.jpg

Link to comment
Share on other sites

The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Read this before posting -
  • Only post if you have something valuable to contribute.
  • Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and you will be warned if it happens again.
  • If the post helped you, reward the user by reacting to the post like this -                      1.jpg
Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Customer Reviews

  • Similar Topics

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.