Siemens Security Customers
Fear the Bunni
Fluffi Bunni hacker
suspect had been on Siemens' staff for a year
IT security suppliers Siemens Communications and Insight Consulting
have begun investigations after it emerged that a man arrested
last week by detectives hunting a notorious international hacking
group had been representing the firms on an exhibitor's stand
at a major IT security show.
Senior detectives at Scotland Yard's Computer Crime Unit spotted
27-year-old Lynn Htun, believed to be the brains behind the infamous
Fluffi Bunni hacking group, on the stand run by Insight Consulting
and its business partner Siemens at the Infosecurity Europe 2003
show at Olympia, London....
The incident will come as an embarrassment to Siemens, which
runs major secure IT projects for the government, and its business
partner Insight Consulting, which is partly owned by Siemens
and has close links to the security service MI5.
It is also likely to prompt anxious questions from the companies'
customers about the adequacy of Siemens' employment vetting procedures.
"It does take some form of carelessness to employ someone
who is facing charges and for which there is an arrest warrant
out. Obviously, any purchaser of security services has high implicit
expectations of the supplier. I think Siemens has a great deal
to answer," said Peter Sommer, security expert at the London
School of Economics.
According to eye witnesses, senior detectives from Scotland
Yard's Computer Crime Unit spotted Htun on a stand run by Insight
Consulting and Siemens only yards from an exhibit by the National
High-Tech Crime Unit at lunchtime on Tuesday 29 April. More
on this story --->>
Arrested Bunni not
the Big One?
A little real-world security surfaced at InfoSecurity Europe
London when Scotland Yard officers swooped down and arrested
Lynn Htun on
the show floor.
The arrest made headlines when Htun was linked to Fluffi Bunni,
group that gained notoriety in September 2001, when it defaced
of sites with the message Fluffi Bunni goes Jihad
and its calling card,
a picture of a rabbit at a PC. The group also defaced numerous
security-oriented sites, such as the SANS Institute and Attrition.org.
Fluffi Bunni left its mark on the SecurityFocus (now part of
Corp.) Web site by defacing a banner ad hosted on a different
fact, though, Htun was arrested on forgery charges.
I dont think it means a thing. The big fish of
Fluffi Bunni was t0rner,
who created t0rn kit, said B.K. DeLong, who co-managed the now-defunct
Attrition defacement mirror. DeLong said Htun was almost certainly
hacker known as danny-boy, who was closely associated
T0rner, whose real name is believed to be Samir Rana, was
arrested last September in the U.K. -- From SECURITY WIRE DIGEST,
VOL. 5, NO. 35, MAY 5, 2003 To SUBSCRIBE to Security Wire Digest,
Fluffi Bunni Arrested
According to a May 1 Reuters news story, "'Fluffi Bunni
is one of the most mysterious figures in the hacking panorama.
He selects specific targets. His hacks are very effective,' said
Roberto Preatoni, founder of Zone-H, a firm that monitors and records
Internet hack attacks.
"[Lynn] Htun, a British citizen, had not been charged
late on Wednesday with any computer-related crimes.
"Police said he was arrested on Tuesday by officers from
the Computer Crime Unit of New Scotland Yard on a warrant for
skipping an appearance at Guilford Crown Court, where he was
to appear for an unrelated forgery charge.
"A law enforcement source said the investigation was
continuing as authorities were trying to determine whether Fluffi
Bunni was the work of a single person or a group, which could
lead to other arrests and determine whether Htun is charged."
More on this story -->>
Lynn Htun, the 24 year old hacker who some say led the Fluffi
Bunni hacker gang, was arrested in London April 29, 2003. Fluffi
Bunni has defaced many high profile sites such as McDonalds,
Exodus, Securityfocus.com, and the computer security professional
For some records on these defacements, see the Zone-h.org site,
He/they/whoever most infamously went on a rampage of web defacements
just days after the Sept. 11 terror attacks. He/they defaced
thousands of commercial Web sites with a single break-in that
included the message, "Fluffi Bunni Goes Jihad."
He is wanted in the United States for hacking and was arrested
while attending a computer security conference.
More on this story -->>
Columbia University Finds
Home Page Hacker
(28 April 2003)
A hacker who allegedly defaced Columbia University's home
and redirected visitors to a lewd site, has been caught, according
to the assistant director of Academic Information Systems. He
not say if the perpetrator is a student. The hacker likely obtained
access to the server through a privileged account.
More on this story -->>
More about the woes of computer