back to article Surrey teen charged over Mumsnet hack attack

A Surrey man has been charged with hacking offences related to the attack on the Mumsnet website last year. David Gerrard Buchanan, 18, of Haslemere, Surrey, was charged on Saturday with three offences under the Computer Misuse Act following an investigation by the Met’s Cyber Crime Unit (MPCCU). Two of the alleged offences …

  1. Anonymous Coward
    Anonymous Coward

    Password guessing, ping of death, and fake phone calls counts as 'Hacking' these days?

    Jeez. Kids these days.

    1. Paul Webb

      Re: Password guessing, ping of death, and fake phone calls counts as 'Hacking' these days?

      They're too old for hacking.

  2. Trigun
    Facepalm

    SWATing

    Hacking is one thing, SWATing is another. The latter has the potential to get someone killed and give the cop that pulled the trigger life-time guilt. Twats.

    1. chivo243 Silver badge

      Re: SWATing

      @Trigun

      +1 for you, too bad I can't up vote more.

      Like they say, "It's all fun and games until someone dies." I don't think kids these days get it.

      1. Anonymous Coward
        Anonymous Coward

        Re: SWATing

        "Like they say, "It's all fun and games until someone dies." I don't think kids these days get it."

        No, because most of them are babysat by the TV and everyone knows in real life you can get shot 3 dozen times and get up, then still fight 300 baddies with your bare hands

        1. Haku

          Re: SWATing

          "No, because most of them are babysat by the TV and everyone knows in real life you can get shot 3 dozen times and get up, then still fight 300 baddies with your bare hands"

          It has definitely got worse since I was a kid because back then the good & bad guys on tv would shoot at each other all day long and nobody got hit.

          "If you have a problem... if no one else can help... and if you can find them... "

    2. Anonymous Coward
      Anonymous Coward

      Re: SWATing

      We don't have quite as militarised a police force in the UK, but it's still a waste of resources that can put innocent lives in danger.

      1. Anonymous Coward
        Anonymous Coward

        Re: SWATing

        Indeed, one hopes the chances of getting killed by British police called to a fake emergency are still nil.... but as you say it's still a waste of resources.

        On the other hand hacking mumsnet could be seen as a service to mankind.....

        1. theModge

          Re: SWATing

          Indeed, one hopes the chances of getting killed by British police called to a fake emergency are still nil

          Unless you have a sun tan and a beard or are, say, an electrician, from Brazil.

          Though I must certainly concur that taking out mumsnet was indeed a service.

          1. poopoo

            Re: SWATing

            ... or a Down's Syndrome man playing in his cowboy costume.

        2. poopoo

          Re: SWATing

          Unless you are a Down's Syndrome man playing in a cowboy costume or a backpacker in the underground.

  3. Banksy
  4. Leeroy

    Mumsnet

    It's as bad as the Jeremy Kyle show from what the Mrs shows me.

    1st world problems and all that. ..

  5. wolfetone Silver badge

    Give him a job instead of putting him through the courts.

    1. Anonymous Coward
      Anonymous Coward

      Cleaning toilets, perhaps?

      1. Anonymous Coward
        Anonymous Coward

        In Feltham.

        1. Jamesit

          With a toothbrush.

          1. Peter X

            His _own_ toothbrush!

            1. wolfetone Silver badge

              Why joke?

              The kid has a talent, obviously a bigger talent than the clowns who set the site up in the first place. So what does this country do? Throw him in the slammer or give him a criminal record which will make his employment chances harder in the UK.

              1. Phil O'Sophical Silver badge
                Facepalm

                The kid has a talent, obviously a bigger talent than the clowns who set the site up in the first place.

                That doesn''t entitle him to smash the site up, or 'swat' its owners. Bernie Madoff had talent too, should he have been "given" a job in a bank instead of being jailed?

                1. wolfetone Silver badge

                  "That doesn''t entitle him to smash the site up, or 'swat' its owners. Bernie Madoff had talent too, should he have been "given" a job in a bank instead of being jailed?"

                  Totally different situations. Frank Abagnale was committing fraud for years (even flew a plane, he can't fly a plane but he pretended he could). He was eventually caught, what happened to him? Given a job by the government to help them on fraud cases. The bloke hasn't done too badly for himself on the right side of the law since then.

                  This country has a fetish for punishing kids and young adults for crimes that the judge has absolutely no clue about and that the "victims" are embarrassed by the offender. In this case, the admins who swore blind they secured the site.

                  Prisons are seen by the public as places to be punished, when actually yes they are there to do time at Her Majesty's pleasure but they're also places to be rehabilitated and integrate the prisoner in to public life afterwards.

                  The problem though is that once the offender has came out of prison after doing their time, they try and integrate back in to society. They apply for jobs, but because you have to declare criminal convictions they won't get the job because the employer doesn't want an ex-con working for them. So what happens? The offender gets a really thankless job with no hope of improving their situation, or re-offend.

                  It's insane to ruin a kid or young adults life like this. There are plenty of things I did when I was 18 that 10 years on I would cringe at doing. And it's all well and good saying "Well when I was 18 I knew not to do X or what would happen if I do Y" - fair enough that's you. You aren't the rule.

                  1. Anonymous Coward
                    Anonymous Coward

                    And it's all well and good saying "Well when I was 18 I knew not to do X or what would happen if I do Y" - fair enough that's you. You aren't the rule.

                    That's a depressing point of view. I rather think that, despite what you might see on EastEnders, people who knew how to behave themselves even when they were only 18 are the rule. Do you have kids? If so, have you brought them up to behave like that?

                    1. Baskitcaise

                      people who knew how to behave themselves even when they were only 18 are the rule

                      At 18 years of age I was shown how to kill a person with my bare hands, in fact IIRC it was by the age of 17.

                      All done by my government and my choice......

                      So you cannot use the history fuckin excuse on that one, yes we were probably "brung up better" but it was still there...

                      Sorry you just got my goat on that comment. Oh and by the way I am just coming up to my 60'th so an old fart in real live and getting even more seeing as how this here interwebnet stuff is going, can we not go back to BB please?

                  2. DocJames

                    @wolfetone

                    Whilst I agree that it's terrible to waste young lives, we do (as a society) need some level at which we send people to jail. I'm not convinced that he is going to jail just yet (what with the need for a trial and sentencing first), but from what is reported I do think he needs to change his approach. Which may require jail.

                    I also did stuff at 18 which I cringe over. I even did stuff at 28 that I cringe over... But making such a scene is foolish. It's likely to attract attention and the heavy hand of the law.

                    1. James Hughes 1

                      Re: @wolfetone

                      Just a quick note - it's not the courts that will ruin this blokes life. It was the bloke himself. He is clearly stupid enough to get caught, and stupid enough to do the crime in the first place.

                      I've always liked the phrase, if you cannot do the time, don't do the crime.

                      I did stupid things when I was 18, but I didn't break the law.

                  3. Baskitcaise
                    Thumb Up

                    It's insane to ruin a kid or young adults life like this

                    Oh I do wish this was true, what I did in my teens ( many years ago ) I regret.

                    But it still sticks around, I used to have full military clearance to work on nukes etc....

                    Now I cannot even get a job due to a little indiscretion when I was younger. ( in this younger jargon, joy riding. )

                    Ah well I am glad I will be retiring this year and just tinkering with computers rather than fixing them. Keep on keeping on guys, love the commentards on here.

              2. Anonymous Coward
                Anonymous Coward

                "The kid has a talent"

                What are you basing that on? It doesn't say how they got in, for all you know the total skill applied involved downloading an exploit kit, pointing it at Mumsnet and going and hanging out at the local bus stop for a few hours.

                It doesn't say whether he's a skilled cracker or brainless skiddie, but I suspect the latter, because:

                1. he got caught

                2. he targetted Mumsnet

                3. he thought this was a good idea

                Even when I was that age I knew the phrase "you do it once, you do it big, you disappear and never do it again". Hitting Mumsnet stinks of skiddie.

                1. Anonymous Coward
                  Anonymous Coward

                  Mumsnet stinks of skiddie.

                  Bwah ha ha ha!

              3. WonkoTheSane
                Big Brother

                I rather suspect his sentence will be suspended, he may get ankle-tagged for a few months, and then offered a job in Cheltenham.

    2. This post has been deleted by its author

  6. The Nazz

    I-spy an omission . . .

    should it have been ..."against the high profile UK mis-parenting site"?

    YMMV

  7. Valeyard

    mumsnet

    bunch of shrieking full-time mummies prefixing every sentence with "well as a mother..." to slather their uneducated reactionary opinion over everything they find really objectionable (i.e. everything)

    1. James Hughes 1

      Re: mumsnet

      And your point is.....what? That some websites deserve to be hacked, or the people running them to be swatted?

      1. Valeyard

        Re: mumsnet

        No.you're trying to infer a point that isn't there. The content as written is all there is, that's why my posts aren't studied at sixth form ;)

  8. lansalot

    Ironically, he's probably crying for his mum round about now...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

  • World Economic Forum wants a global map of online crime
    Will cyber crimes shrug off Atlas Initiative? Objectively, yes

    RSA Conference An ambitious project spearheaded by the World Economic Forum (WEF) is working to develop a map of the cybercrime ecosystem using open source information.

    The Atlas initiative, whose contributors include Fortinet and Microsoft and other private-sector firms, involves mapping the relationships between criminal groups and their infrastructure with the end goal of helping both industry and the public sector — law enforcement and government agencies — disrupt these nefarious ecosystems.  

    This kind of visibility into the connections between the gang members can help security researchers identify vulnerabilities in the criminals' supply chain to develop better mitigation strategies and security controls for their customers. 

    Continue reading
  • Capital One: Convicted techie got in via 'misconfigured' AWS buckets
    Assistant US attorney: 'She wanted data, she wanted money, and she wanted to brag'

    Updated A former Seattle tech worker has been convicted of wire fraud and computer intrusions in a US federal district court.

    The conviction follows the infamous 2019 hack of Capital One in which personal information of more than 100 million US and Canadian credit card applicants were swiped from the financial giant's misconfigured cloud-based storage.

    Paige Thompson (aka "erratic") was arrested in July 2019 after data was leaked between March and July of that year. The data was submitted by credit card hopefuls between 2005 and early 2019, and Thompson was able to get into Capital One's AWS storage thanks to a "misconfigured web application firewall."

    Continue reading
  • Never fear, the White House is here to tackle web trolls
    'No one should have to endure abuse just because they are attempting to participate in society'

    A US task force aims to prevent online harassment and abuse, with a specific focus on protecting women, girls and LGBTQI+ individuals.

    In the next 180 days, the White House Task Force to Address Online Harassment and Abuse will, among other things, draft a blueprint on a "whole-of-government approach" to stopping "technology-facilitated, gender-based violence." 

    A year after submitting the blueprint, the group will provide additional recommendations that federal and state agencies, service providers, technology companies, schools and other organisations should take to prevent online harassment, which VP Kamala Harris noted often spills over into physical violence, including self-harm and suicide for victims of cyberstalking as well mass shootings.

    Continue reading
  • Interpol anti-fraud operation busts call centers behind business email scams
    1,770 premises raided, 2,000 arrested, $50m seized

    Law enforcement agencies around the world have arrested about 2,000 people and seized $50 million in a sweeping operation crackdown of social engineering and other scam operations around the globe.

    In the latest action in the ongoing "First Light", an operation Interpol has coordinated annually since 2014, law enforcement officials from 76 countries raided 1,770 call centers suspected of running fraudulent operations such as telephone and romance scams, email deception scams, and financial crimes.

    Among the 2,000 people arrested in Operation First Light 2022 were call center operators and fraudsters, and money launderers. Interpol stated that the operation also saw 4,000 bank accounts frozen and 3,000 suspects identified.

    Continue reading
  • Cloud services proving handy for cybercriminals, SANS Institute warns
    Flying horses, gonna pwn me away...

    RSA Conference Living off the land is so 2021. These days, cybercriminals are living off the cloud, according to Katie Nickels, director of intelligence for Red Canary and a SANS Certified Instructor.

    "It's not enough to pay attention to the operating systems, the endpoints, said Nickels, speaking on a SANS Institute panel about the most dangerous new attack techniques at RSA Conference. "Adversaries, a lot of their intrusions, are using cloud services of different types."  

    And yes, living off the land (or the cloud), in which intruders use legitimate software and cloud services to deploy malware or spy on corporations and other nefarious activities, isn't a new type of attack, Nickels admitted. "But what's new here is the levels to which using cloud services [for cyberattacks] has risen." 

    Continue reading
  • Microsoft seizes 41 domains tied to 'Iranian phishing ring'
    Windows giant gets court order to take over dot-coms and more

    Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. 

    The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs.

    "Bohrium actors create fake social media profiles, often posing as recruiters," said Amy Hogan-Burney, GM of Microsoft's Digital Crimes Unit. "Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target's computers with malware."

    Continue reading
  • Cops' Killer Bee stings credential-stealing scammer
    Fraudster and two alleged accomplices nabbed in joint op

    An Interpol-led operation code-named Killer Bee has led to the arrest and conviction of a Nigerian man who was said to have used a remote access trojan (RAT) to reroute financial transactions and steal corporate credentials. Two suspected accomplices were also nabbed.

    The trio, aged between 31 and 38, were detained as part of a sting operation involving law enforcement agencies across 11 countries: Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Nigeria, Philippines, Singapore, Thailand, and Vietnam. 

    The suspects were arrested in the Lagos suburb of Ajegunle and in Benin City, Nigeria. At the time of their arrests, all three men were in possession of fake documents, including fraudulent invoices and forged official letters, it is claimed.

    Continue reading
  • FBI, CISA: Don't get caught in Karakurt's extortion web
    Is this gang some sort of Conti side hustle? The answer may be yes

    The Feds have warned organizations about a lesser-known extortion gang Karakurt, which demands ransoms as high as $13 million and, some cybersecurity folks say, may be linked to the notorious Conti crew.

    In a joint advisory [PDF] this week, the FBI, CISA and US Treasury Department outlined technical details about how Karakurt operates, along with actions to take, indicators of compromise, and sample ransom notes. Here's a snippet:

    Continue reading
  • Super-spreader FluBot squashed by Europol
    Your package is delayed. Click this innocent-looking link to reschedule

    FluBot, the super-spreader Android malware that infected tens of thousands of phones globally, has been reportedly squashed by an international law enforcement operation.

    In May, Dutch police disrupted the mobile malware's infrastructure, disconnecting thousands of victims' devices from the FluBot network and preventing more than 6.5 million spam text messages propagating the bot from reaching potential victims, according to Finland's National Bureau of Investigation on Wednesday.

    The takedown followed a Europol-led investigation that involved law enforcement agencies from Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the US. 

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022