News.com schrijft dat een stel crackertjes een gat hebben gevonden in de registratieprocedure van AOL's Instant Messenger (toch niemand die dat gebruikt, althans hier in NL). De zogenaamde hackers blijken van minderjarige leeftijd te zijn en gebruiken het door hun ontdekte beveiligingslek om allerlei ongein uit te halen...
A small band of hackers has discovered a way to take over any AOL Instant Messenger (AIM) account as long as they have a person's screen name. By using an AOL staff tool they unearthed while poking around the company's proprietary online service, they exploit a public hole in the AOL 5.0 registration process that lets them reset AIM users' passwords.
Once the hackers do this handiwork, initial users of the screen names are locked out of their accounts, giving the hackers open access to users' buddy lists of other AIM users and the ability to maintain trial AOL 5.0 accounts under the same screen names, as confirmed by CNET News.com.
[...] The teen-age hackers who found the hole in AOL 5.0 say they have stolen more than a hundred names, such as "New York City." Some use the names they've seized to extract information about the person from friends and family. Mostly the ploy is a game.
"We do it if we've seen someone we don't like in a private chat room," one of the hackers said in an interview.
At one point, the high school senior said he tried to let AOL know about the hole. "If AOL would just listen to people like us instead of blowing us off and terminating our accounts, they could fix it," he said.