Tuesday February 9, 2010 11:32 PM AEST

SC Magazine Australia/NZ > News > Breaches & Exposures > Identity > LimeWire cited as identity theft attack vector

Vulnerability Alerts

SANS

Infocon: green
Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb 9th)

Microsoft

Microsoft Security Bulletin Advance Notification for February 2010
Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure

CERT/CC

Latest Comments

"I too have been a labor voter for many years and will not be voting for them again. The ..."

on Net filter legislation to go public by March

by maxt | Feb 9, 2010 7:56 PM

"I’ve just had a user receive a rehashed version of this with an attached html file containing a ..."

on ATO struck by new phishing scam

by Owen Lutz | Feb 9, 2010 6:01 PM

"hi"

on Chinese hacker school shut down

by manish kumar | Feb 9, 2010 4:27 PM

"Hey 'hey con-roy' ... from Google Australia's head of policy Iarla Flynn"We don't believe that ..."

on Conroy meets with Google for YouTube filtering

by Keep it real | Feb 9, 2010 3:33 PM

"@penno Off-site storage is a good solution unless you have some decent backup software to ..."

on Opinion: My holiday tip - backup your data now

by Charmgene | Feb 9, 2010 2:36 PM

Identity

LimeWire cited as identity theft attack vector

The use of LimeWire as a tool for identity theft has been highlighted by a court case in Seattle.

Frederick Wood was sentenced to three years in prison today for using LimeWire to steal personal information, using that information to fraudulently buy goods online, and then selling them on Craigslist.

Wood admitted to using LimeWire to trawl the hard drives of user’s computers, entering terms like "tax return" and "account" to find financial information. He also searched for college application forms because of the wealth of financial information they contained.

When police raided his computer they found the financial information for more than 120 people on there. This data had been used to forge cheques which were used to buy electrical goods.

He was only caught because of a more low-tech crime. He arranged to sell a laptop face-to-face and switched the computer’s box, leaving the potential customer with a box containing a book and a vase.

Limewire and other peer-to-peer systems need very careful set-up when they are first installed, since the default setting is to share all the information on the hard drive online.

This is not only a problem for consumers but also for business. US Congress has heard in the last month that key government data, including details of presidential safe houses, was available through the P2P system because IT administrators were not barring LimeWire either on the computer or via the firewall.

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Breaches & Exposures Whitepapers

LimeWire cited as identity theft attack vector

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management