Hack Attack!

Joe Lavin's Humor Column

From Computoredge

Hack Attack!

November 22, 2002

Buy the book!
Click for details.

It finally happened. I was hacked. I have heard about computer hacking for years, yet until recently I had never been a target. Neither had anyone I know. Hacking was starting to seem like some harmless myth until one afternoon when I noticed a strange icon appear in my computer's system tray.

Let me tell you. Nothing livens up a slow day at work quite like a hacker attack. I suppose I wouldn't have been quite so entertained had any damage been done or had the attack been on my own computer. As it was, the attack took place at about two in the afternoon at work. By that point in the day, I was fading quickly, and I don't think I would have made it until five without this little burst of excitement.

Somehow, there was an application on my PC called Userv. It's a legitimate program that allows you to access your computer remotely through the Internet. I just started this job in July, and UServ had been installed on my machine in February. I have no idea why. All I know is that when I showed up for work one day, my computer was already on, and a bunch of strange "U" icons were in my system tray.

That's of course when I should have known something was wrong, but I had a spreadsheet to complete by the end of the day. I didn't have time to think about it. I was surprised to find my computer on, but others sometimes use my machine, and a new file server had just been installed. Perhaps that was the reason for the weird activity. I made a mental note to mention it eventually to our IT guy, who as usual was nowhere to be found. (That's what you get when you work at a university, and your IT guy spends half his time as a graduate student in the Romance department.)

And so I simply rebooted my computer and went about my day. Later, when I came back from lunch, there was that little U in the system tray again. I double-clicked on it, and it soon became obvious that someone was accessing my computer. One box listed two "users." Below was a button labeled "Spy on user." When I pushed that, I discovered that this "user" was accessing a folder deep within my computer. It was a folder called Crypto within a Microsoft folder in my Windows directory. What the hell was going on?

Before checking the folder, I noticed a button labeled "Kill User." I pushed it. In fact, I pushed it several times, all while muttering curses beneath my breath. Never has a button had a more pleasing name. And yet the users kept popping up. Who were they and what did they want from me?

Soon, it was obvious what they wanted -- free bandwidth. When I looked in that folder, a 455-megabyte movie file was there. These "users" hadn't been attacking me. Instead, they were stealing my bandwidth. While I was at lunch, someone had uploaded this file to my computer. Now that it was there, presumably others would stop by to download it. My work computer and my university's bandwidth had suddenly been transformed into some file-sharing bazaar.

The IT guy and I deleted Userv from my computer, and that seemed to put a stop to the activity. After he left, though, the movie file was still there. Obviously, I was tempted to open it. After all, it wasn't an executable file, just a file called "the coolest.avi." Part of me was consumed with curiosity. What was it? But the other part wanted nothing to do with it. On the fifth week of my new job, it didn't seem prudent to open this file just for the sake of curiosity.

"Hi, Joe, I'm John, the director of the center. I just got back in town, and I wanted to stop by and personally welcome you to -- OH MY GOD!!!!"

"No, no, that's not mine! They uploaded it! It wasn't me! It's them! They did it!"

The IT guy understands, but I don't think anyone else would. The file might have been harmless, but this is the Internet we're talking about, and I wasn't taking any chances. I soon deleted the file.

As for my computer, it's now safe -- or at least it seems so. The offending program is gone. I no longer assume my university's network is safe, so I have installed Zone Alarm, the same firewall I use at home with my cable modem. I copied down the IP addresses of the "users" and sent them to the people who run our network. And luckily, I don't seem to have been fired for having inappropriate files on my computer.

All in all, it was about as pleasant as a hacker attack can be. And, to be honest, it was certainly a lot more exciting than that spreadsheet that I had to complete. For all that bandwidth they stole, you would think the hackers could have at least finished my spreadsheet for me. No such luck.

The Archives

Today's Column

©2002 Joe Lavin