Saturday, March 31, 2012

Busting an Attacker: article 201202

Last week I received a phone call from "Microsoft Support" informing me that my computer was infected and was sending out "viruses".  Knowing this was a scam I thought I would have a little fun with it.  So I ran into my office, started recording the call, brought up an isolated virtual machine and played along!

I strung this attacker on for about 90 minutes. Needless to say when I broke the news to him that I was on to his game he was not happy.

I am sure most of you are aware cyber crime is a multibillion dollar business.  This was not just one or two guys calling just me.  This was a from call-center.  The entire time I could hear several others talking in the background exploiting individuals.

I wish I could have done more with this but the call obviously caught me off guard.  Next I am going to attempt some forensics on the virtual machine to see what changes they made.

Below is a subtitled recording of the call to make it easier to understand.  I snipped out about 2 minutes of conversation and tried to make it entertaining to watch.  If you wish, please feel free to use this video for security awareness demonstrations.

If you have any questions or wish to discuss you may email me.



 If you would like a HI-DEF version right click on this link and select save as:


http://holepokersecurity.com/ohsg/BustedVisherHiDef.wmv