Cybercriminals Has Heroin Delivered To Brian Krebs, Then Calls Police 187
Okian Warrior writes in about a package of heroin that found its way to the door of Brian Krebs. "'Fans' of [security researcher Brian Krebs] have shown their affection in some curious ways. One called in a phony hostage situation that resulted in a dozen heavily armed police surrounding my home. Another opened a $20,000 new line of credit in my name. Others sent more than $1,000 in bogus PayPal donations from hacked accounts. Still more admirers paid my cable bill for the next three years using stolen credit cards. Malware authors have even used my name and likeness to peddle their wares. But the most recent attempt to embarrass and fluster this author easily takes the cake as the most elaborate: Earlier this month, the administrator of an exclusive cybercrime forum hatched and executed a plan to purchase heroin, have it mailed to my home, and then spoof a phone call from one of my neighbors alerting the local police. Thankfully, I had already established a presence on his forum and was able to monitor the scam in real time and alert my local police well in advance of the delivery."
Czar (Score:5, Interesting)
A guy named Czar posted a thinly veiled threat as a comment upon Krebs' blog post:
"and easy to speak of the lives of others [hackers, carders, botmasters]
you [Krebs] invade the forum these guys and find that they do not go doing anything?, it would be foolish on your part
be realistic, you are at risk talking shit about these guys
this minimum and that they can make in relation to you,
Now, imagine if it was a bomb?, what do you think? [Krebs]
would be surprising if some hacker will not do this someday
good luck with your work, the risks are increasing lol;"
Now one wonders how THAT is going to be played out....
Krebs is a scam. (Score:4, Interesting)
I posted a comment on his blog a while ago where I questioned the validity of the results of his research [krebsonsecurity.com] that caught a lot of attention [slashdot.org] a while back. For example, one of his biggest finds was that that one of the scammer' name is Vasily Ivanovich Petrov, which is just a placeholder name just like Joe Public in Russian. He never approved my comment or provided any feedback. If he was an actual researcher, he wouldn't silence reasonable criticism towards him.
It's sad to see him get one meaningless article after another on Slashdot.
Re: Krebs is a scam. (Score:4, Interesting)
He never approved my comment, so it never made it in the comment section. I didn't do anything significant, I just made a couple of observations that made his research look less exciting, the most significant find I already mentioned above. A good lesson for me to avoid dealing with blogs and bloggers that pre-moderate comments or at least preserve them locally.
How often does law enforcement do this? (Score:4, Interesting)
Slightly off topic (Score:4, Interesting)
Re:Krebs is a scam. (Score:1, Interesting)
I have a personal experience with Krebs that aligns with your observations. He posted my email address on one of his blog entries, and he refused to take down my address when I pointed out the flaws in his (and his security researchers') methods (specifically that the site he was investigating did not do email validation at all, so the email addresses from their user database he accessed can not be verified to real accounts). I would give more details, but currently I'm in the process of seeking legal advice for this matter.
I guess that most people will agree that if you bill yourself as a security researcher or journalist, it's quite important to show some professionalism and integrity and not mislead or give false impressions.
Re:How often does law enforcement do this? (Score:3, Interesting)
Get some reading comprehension.