'Student' hacker fined £20,000

gallery

A hacker who pretended to be a student in order to gain access to emails of real students has been told pay over £20,000 in costs and compensation.

Daniel Woo, a 23-year-old living in London, was also given a 36 week suspended prison sentence, a two-year supervision order and 200 hours of unpaid work.

He used the passwords in order to gain valuable data, including financial information and personal identification details.

The police learned fraudulent activity had occurred on a number of the victims’ payment accounts.

Woo was caught installing password-thieving software at the University of London's School of Oriental and African Studies, popularly known as Soas.

IT staff discovered some anomalies in the university’s network and after the alarm was raised Metropolitan Police Service's Police Central e-Crime Unit detectives found Woo had faked being a student to access a computer room on the campus.

He then placed an easily downloadable password recovery tool called Cain and Able on university computers to collect further login credentials.

Woo was believed to have accessed the computer room on at least ten occasions between October and November 2006.

Officers later discovered Woo had committed other similar offences at the University of Coventry and had stolen an ID card from a student from the University of Northampton.

Earlier this month, IT PRO attended an event where an ethical hacker showed how simple it is to steal passwords.

When showing a method for thieving passwords, CRYPTOCard's senior vice president in Europe Jason Hart also used the Cain and Abel tool. In that case he used the software to gather passwords of people using a Wi-Fi network.

Email to a friend

Print this page