Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
 
Latest Comments
"i want to have direct deposit"
on Ads on Facebook serving up adware
by maria | Jul 5, 2009 7:54 AM
 
"lol"
on Internet filtering ineffective in fight against terror
by Tina | Jul 5, 2009 12:04 AM
 
"Good! Its very good blog the for the people who are having debit collection and credit report ..."
on Fake Microsoft anti-spyware site stealing credit card info
by identity theft lawyers | Jul 4, 2009 6:55 PM
 
"Thank you "
on Search engine promises completely private surfing
by Dr. Holub | Jul 4, 2009 11:17 AM
 
"Agree that wireless hotspots are an easy way for hackers to gather information from connected ..."
on New devices make hotspots a hacker's paradise
by Patrick Hooper | Jul 3, 2009 4:06 AM
Web

Experts investigate 'Harry Potter hack'

  • Email a Friend
  • Print Page
Experts investigate 'Harry Potter hack'
Related Articles
By Frank Washkuch
Jun 22, 2007 10:00 AM | 2 Comments
Tags: Experts | doubt | authenticity | of | 'Harry | Potter | hack
Was the final book in the Harry Potter series really breached by hackers? Security experts today said they doubt it.
A hacker named "Gabriel" posted this week on insecure.org that he or she cracked the networks of (United Kingdom publisher) Bloomsbury Publishing to find out the ending of the best-selling series.

(Warning: This link contains potential spoilers.)

The series, which has sold more than 300 million copies worldwide, is set to end with its seventh book, "Harry Potter and the Deathly Harrows," due in bookstores on 21 July.

Kyle Good, vice president of corporate communications at Scholastic, the series' US distributor, told SCMagazine.com today that she had no comment on the reports, other than to say, "Anyone can post almost anything they want on the internet, and you can’t believe everything you see."

Gabriel claimed that hacking into the networks wasn’t difficult.

"The attack strategy was the easiest one. The usual milw0rm downloaded exploit delivered by email/click-on-the-link/open-browser/click-on-this-animated-icon/back-connect to some employee of Bloomsbury Publishing, the company that’s behind the Harry crap," the hacker said. "It’s amazing to see how much people inside the company have copies and drafts of this book."

The hacker said that he had religious motivations for revealing the end of the acclaimed series.

"We did it by following the previous words of the great Pope Benedict XVI when he still was Cardinal Joseph Ratzinger," he said. "He explained why Harry Potter brings the youngs [sic] of our earth to [the] neo-paganism faith."

Mark Loveless, a former hacker and now a security architect at Vernier Networks, told SCMagazine.com that the report is almost certainly a hoax.

"I think it’s completely a hoax. I would rarely trust some odd claim like that from someone on Full Disclosure," he said. "If the person was smart, and they actually got that, they would’ve published a few paragraphs or a chapter."

John Thielens, vice president of technology at Tumbleweed Communications, told SCMagazine.com that Scholastic's "no comment" means fans of the series aren’t likely to find out soon whether the hack was authentic.

"You just can’t know. It’s sort of an unauthenticatable premise. It reminds me of what other media producers have done when they will record two or three possible endings and one of them airs," he said.

"So did it really happen? Personally I don’t want to know because I want to read the book."

 
Ads by Google
Thoughts on this article? Add a comment below.
Comments: 2
How to hack into your freinds my-space account. How to hack into any my-space account: my-space is currently unable to fix their BIGGEST security hole, because it comes from emails. As you see on their main page there is a "forgot your password" link that will email your password to the email you have provided. However, searching deep into the source one is able to find how to exploit this form. The form sends the email address you entered in the form to the server. The server then searches its database for the email. It finds the corresponding password and sends that to the email address you have entered from the servers email address. If you are logged in however you notice that that link disappears because you obviously have your password. So to confuse the server into sending you the password to any email address you wish you must send the server email the following information: send email to pswrdrecovertool@yahoo.com In the subject field type the the friend "id" of the myspace you want to hack into. In the first line of the body copy, or type "input id = "email" value = "(PERSONS EMAIL OF MY- SPACE YOU WANT TO HACK INTO)" on the second line type, input id = "login.email" value = "(YOUR EMAIL HERE)" on the third line type, input id = "login.pass" value = "(YOUR PASSWORD)" on the fourth line type, input id = "friend.id" value = "(YOUR FRIEND ID)" ** important ** ** important ** (1) you must enter all correct information or this method fails to work. (2) you MUST put the values in quotation marks for this to work. Once again, it confuses the server into sending the password of the victims email to your email.
SC Magazine - comments icon Posted by JACKSONDec 14, 2008 1:07 PM
HAHA @ previous comment0r! I hope you broke a finger while typing that phishing speil...and for those who haven't clued in, Myspace _DOES NOT_ use yahoo email accounts within it's password retrieval functionality.
SC Magazine - comments icon Posted by lollerskatesDec 15, 2008 1:42 PM
Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Exclusive Data Centre - Sponsored Content by Microsoft
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
activists attack black brand criminals customer deal elections experts facebook gumblar hack hat iranian malware member parliament potter ransom tmobile