|
Crime
|
2000-03-25 01:09:00-05
|
Hacker "Curador" maybe arrested in Wales
|
|
Suspects are only teen-agers; fraud amount expected to exeed many millions of US$. Small Thai co. finds solution
|
reports that the hacker "Curador" might have been arrested in Wales. "Curador" became famous in Thailand after hacking into Loxinfo's e-commerce site http://www.shoppingthailand.com and stealing thousands of credit-card numbers. He then posted the credit card numbers on a public available web-page. He also managed to hack websites in United States, United Kingdom, Canada and Japan.
Irish police has reported that two 18-year-old British men were in custody Friday after an FBI probe. According to CNN, the handle "Curador" has become synonymous with stolen credit cards in the last month, as several small e-commerce sites were infiltrated and credit card information stolen. The card numbers were then placed for public display on a Web site signed by "Curador: The Saint of E-Commerce?". The investigation has stretched from North America to Thailand, where authorities were investigating the infiltration of Shoppingthailand.com, said Chris Davis, a partner at Tyger Team Consultants Ltd., a security firm involved in the investigation. Microsoft's security Web site shows that the software company published a patch for the problem in July 1998, and issued a second warning in July 1999. Small e-commerce firms are becoming more frequent targets for hacking, as they are less likely to have the most up-to-date software and maintenance to protect sensitive data. Most credit card customers find themselves less in danger from credit card theft, as card issuers cap fraudulent charges at $50. Merchants, however, have no such protection if stolen card numbers are used to purchase goods. According to a recent survey by the Computer Security Institute, 273 businesses reported over a quarter-billion dollars in losses related to computer hacking last year. CNN Justice Department correspondent Terry Frieden and CNN Interactive Technology Editor D. Ian Hopper contributed to the CNN report.
In Thailand U5 as the first software company in Asia has solved the problem by not storing the credit card on the server. "Storing the credit-card information on the server is always risky. Nobody can ever tell who could get access to the information. Instead the U5 Secure Form re-encrypts (strong encryption) the message and sends it to the receiver who is the only one who can decrypt it." "Some web-providers offer access through SSL, secure web-forms. But this is false security as web-browsers outside USA only offer 40-bit encryption which are easy to hack through, even using normal PC's. And sensitive information must be stored on the server." Strong-encryption technology were earlier protected by strong export-restricting laws, but U5 utilizes a newly released package from the open-source community in Germany. "Our encryption is stronger than the one used by the US military" says Soren "Frank" Munch , managing director for U5com Co Ltd, Thailand. In Thailand several leading websites are using the system already, but Mr. Munch refuses to give details. "We do not disclose information regarding security for particular customers."
|
