Hacker Blackmails Hacked for Porn? Buddy, the Internet is Full of That Shite….

And here we have a story of a budding hacker-entrepreneur that extorted amateur porn from his victims:

Luis Mijangos, 31, was charged with extortion after he allegedly infected more than 100 computers with a virus disguised as a popular song download, which allowed him to take over the personal computers…look[ed] for sexually explicit photos that he then used to blackmail his victims into handing over homemade sex tapes. [news.com.au]

Idiotic.  I mean, what the pro’s provide–and essentially for free–is not enough for this guy?  I’ve seen BDSM-shoe-fetishists that are more normal than this guy.

On the data security front, there’s not much that data security products could have done for you.  Hopefully antivirus software like Symantec would have picked up on the hacker’s malware, but probably not.  Encryption software like file encryption would have perhaps helped, but the keylogger the hacker used would have easily bypassed it by collecting the password.

The only solution is to not be like Paris Hilton in the first half of the 2000′s.  Or, maybe the solution is to be like Paris Hilton and milk the exposure.

Penn State Has Breach; 15,800 PSU Alumni Notified

Hackers may have accessed the Social Security numbers of 15,800 PSU students, most of them former, I take it.  From centredaily.com:

Penn State is sending out letters to about 15,800 people whose Social Security numbers may have been discovered by hackers, the university said in a statement Wednesday.

Officials found that a computer in the Outreach Market Research and Data office was communicating with a bot controller, a type of malicious software that allows someone to gain complete control of the affected computer.

At one time, the computer contained a database of Social Security numbers. In 2005, Penn State officials removed the database when they stopped using Social Security numbers. However, an archived copy remained undetected on the computer’s cache. [ my empahsis]

This is one of the reasons why when encrypting a machine, disk encryption is recommended over something like file encryption.  You just don’t know what you’re going to miss.  Of course, neither would have helped in this case, since the breach point was the installation of malware.