What is worst than not changing the default password to a device or program? Not setting a password at all. Recently a hacker that goes by “Revolver” has recovered data from unsecured computers. Revolver wanted to see how many computers were insecure so he created a script that cycled through IP addresses and select ports on his own computer, which tries to connect to unsecured servers through a web-based VNC viewer (Whittaker, 2016). The script would only capture a screenshot if there was a connection, if there was not a connect the script would goto the next IP address.

I reviewed this site when the article was fist posted and many of the images were pretty disturbing. Not disturbing in the sense of gore, but in the sense that some of the information contained was damaging. One of the screenshots was of a pediatrics office and patient records where displayed when the screenshot was captured. Another screenshot was the system control panel for a German hydropower plant. Some of the other captures when not of much importance.

Now the site that the photos were posted to has been taken down (VNC Roulette) Since the site was taken down I accessed the cached site from Google.com just to see if the photos were cached and the site that Revolver setup for the VNC Roulette was hacked by another hacker calling himself “FatalSec”. This is a way for hackers to get their name out there as a better hacker than the last hacker. Here is the cached link to the hacked VNCRoulette website (I’m not responsible if anything happens to you computer by clicking the link. Click the link at your own risk): http://webcache.googleusercontent.com/search?q=cache:PFK3vnAnCOgJ:vncroulette.com/+&cd=1&hl=en&ct=clnk&gl=us.

{Update}

I have located the website with the photos of the screenshots. I am not posting this for the purpose of capturing the data, just as a visual tool to see the amount of data that is open to the public VNCRoulette working link

VNC Roulette. (n.d.). Retrieved April 1, 2016, from http://5.230.225.107/index.php?picture=0
Whittaker, Z. (2016, March 29). How one hacker exposed thousands of insecure desktops that anyone can remotely view | ZDNet. Retrieved March 29, 2016, from http://www.zdnet.com/article/hacker-exposes-thousands-of-insecure-desktops-that-anyone-can-remotely-view/
Advertisements