An Australian Federal Police boast, on the ABC's Four Corners program, about officers breaking up an underground hacker forum, has backfired after hackers broke into a federal police computer system. Security consultants say police appear to have been using the computer as a honeypot to collect information on members of the forum but the scheme came undone after the officers forgot to set a password. Last Wednesday, federal police officers in co-operation with Victoria Police executed a search warrant on premises in Brighton, Melbourne, connected to the administrator of an underground hacking forum, r00t-y0u.org, which had about 5000 members.
Many details of the investigation were revealed for the first time on Four Corners last night. After the raid, the federal police covertly assumed control of the forum and began using it to gather evidence about members. "We can operate in a covert activity here fairly seamlessly with no harm to our members with continual and actual significant penetration," Neil Gaughan, national manager of the federal police's High Tech Crimes Operation, told Four Corners.
However, what the federal police did not know was that hackers had already cottoned on to their plan. Police were monitoring the forum by logging into the account of the administrator they had raided, but this aroused suspicion among members who knew the raid had taken place. A hacker broke into the federal police's computer system and, according to a source close to the investigation, accessed both police evidence and intelligence about federal police systems such as its IP addresses.
ITU Global Cybersecurity Agenda