We’re all hopefully familiar with the notion that criminals can phish details from unsuspecting computer users by creating copycat websites.

To make a phishing page appear more legitimate, a scammer might register a domain that looks similar to the real one – for instance, appIe.com rather than apple.com. (Hint: if you didn’t notice, the first “appIe” has a capital “i” in its name rather than an “l”.)

But would it surprise you to hear that similar devious URL trickery could also potentially help a hacker spring one of his buddies from prison?

Last week, Konrad Voits from Ann Arbor, Michigan, pleaded guilty to breaking into the computer systems of Washtenaw County in an attempt to – ultimately – extract an inmate from the prison system.

The 27-year-old hacker’s plan hinged upon the creation of a website called ewashtenavv.org (note the two “v”s at the end), designed to look like the genuine website for Washtenaw County, ewashtenaw.org.
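
Both tricks described above (a capital “I” standing in for “l”, and “vv” standing in for “w”) can be checked for mechanically. The following Python is an added example, not part of the original article: it reduces each observed domain to a "skeleton" and compares it with a list of protected domains. The substitution table, the function names, the one-edit near-miss rule and the sample domains other than the article's own are assumptions made for illustration.

```python
# Added example: flag domains that imitate a protected domain.
PROTECTED = ["apple.com", "ewashtenaw.org"]  # the genuine domains named in the article

# Assumed, deliberately small confusables table (not a complete list).
SINGLE = {"i": "l", "1": "l", "0": "o"}   # DNS ignores case, so "appie.com" can be shown as "appIe.com"
MULTI = [("vv", "w"), ("rn", "m")]        # letter pairs that render like one letter

def skeleton(domain):
    """Collapse look-alike glyphs so visually similar domains compare equal."""
    name = domain.strip().rstrip(".").lower()
    name = "".join(SINGLE.get(ch, ch) for ch in name)
    for seq, repl in MULTI:
        name = name.replace(seq, repl)
    return name

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate, protected=PROTECTED):
    """Return (verdict, imitated_domain) for one observed domain."""
    name = candidate.strip().rstrip(".").lower()
    if name in protected:
        return ("exact", name)
    skel = skeleton(name)
    for real in protected:
        if skel == skeleton(real):
            return ("lookalike", real)      # same skeleton, different name
    for real in protected:
        if edit_distance(skel, skeleton(real)) == 1:
            return ("near-miss", real)      # one typo away after normalisation
    return ("unrelated", None)

if __name__ == "__main__":
    # Constructed sample of link/sender domains, e.g. pulled from a mail gateway log.
    for seen in ["ewashtenaw.org", "ewashtenavv.org", "appIe.com", "app1e.com",
                 "ewashtenaww.org", "example.net"]:
        print(f"{seen:18} {classify(seen)}")
```

A check like this is most useful at the mail gateway or web proxy, where a "lookalike" verdict on a sender or link domain can be quarantined or alerted on before a user sees it.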

In early 2017, Voits sent emails to County employees claiming to be a “Daniel Greene” and requesting help with court records. He also phoned employees posing as actual members of the County’s IT staff, in an attempt to trick workers into visiting the bogus website in order to “upgrade the County’s jail system”, a visit that would actually result in the installation of malicious code.

Unfortunately, some staff fell for Voits’s trick, and malware was installed on the County network.

With that bridgehead in place, Voits was able to gain full access to the County’s systems, including the passwords, usernames and personal information of 1600 employees and – most interestingly – the XJail software it used to monitor and track jail inmates.

With the login credentials to the prison management system in his hands, Voits attempted to change the records of