Univ. of Maryland hackers used trojan to steal IT credentials, access database

Share this article:
The social engineering scam delivers malware via anti-virus program updates.
The university president told Senate members that the attackers cloaked their activity by using Tor.

University of Maryland President Wallace Loh appeared before Senate members to testify on the occurrences leading up to a far-reaching breach.

According to Loh, who spoke Wednesday, hackers masking their identity and whereabouts with the Tor network, infected a university website with a data stealing trojan.

After compromising the photo sharing site, saboteurs were then able to steal login credentials of IT managers at the university, and access a trove of information located in a database – the names, Social Security numbers and university identification numbers of 300,000 University of Maryland students, alumni and staff.

Loh testified at a hearing held by the U.S. Senate Committee on Commerce, Science, and Transportation.  Other attendees who spoke included Target's vice president and CFO John Mulligan, Federal Trade Commission Chairwoman Edith Ramirez and David Wagner, the president of  identity management security software provider Entrust. Visa's Chief Enterprise Risk Officer Ellen Richey was also a witness.

In a written testimony, Loh said that five years of free credit protection services were offered to all impacted individuals. So far, nearly 30,000 people had registered for the provision, he said.

Steps to improve security at the school, included the university removing all sensitive records, that were no longer required, from the targeted database. The university is also performing a comprehensive review of “all personal information across all databases,” to remove other data.

Loh added that, with the help of university IT security staff, campus police, the U.S. Secret Service, and FBI, another network intrusion which occurred on March 15 was mitigated.

“There was no public release of any information and no damage to the institution, except for the release of personal data of one senior university official,” Loh wrote.

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.