Posted by: Saajha June 5, 2008
HACKERS...MASTERMIND
Login in to Rate this Post:     0       ?        

@nayan19,

 Paul Hopkins' email makes a complete sense; whether it's a hoax or a statement based on the truth is a different story - but it sure has a legit attack vector. Here's what I understood by reading your attached email and the brief intro: 

First off, you initially called it: University of Missisipi (http://www.olemiss.edu/) which you probably didn't mean. It really was MVSU (Missisipi Valley State University).

So - looks like Arvind (your bother?) applied to this institution through Shekhar (Director of 'Dikshya' - a Putalisadak based agency). Paul Hopkins claims to have 'hacked' into the web server/script; and possibly redirected the existing payment link to his paypal account, which would let the prospective students transfer their money to this guy's wallet! And here's a bitter truth --- it's absolutely Possible!

The email was sent to bbufkin@mvsu.edu (Dr Ben Bufkin ?) - supposedly a Finance guy - must be with the payroll/payment dept or such ! The email was Carbon Copied to Shekhar and Arvind as well. Now at this point, Bufkin is well aware of this 'hack', and so are Shekhar and Arvind.  So, if (when) Bufkin checks his (the University's) paypal account and doesn't see the money transferred from Arvind or Shekhar(Provided that one of these guys - or perhaps 'Bhagat' did make a payment through paypal in the past), he knows for sure that it really went to a third party - which means the Hack attempt worked!! If he indeed received the money, then it's a complete lame n00b (newbie) show off!!!

At the end of the day, did it really matter to you or your brother? Not quite! Since Hopkins could only screw around with MVSU site, there's no trivial way for his 'professional' hacking mind to manipulate the paypal site; meaning he can't (at least in this case could not) access the bank info saved within Paypal. Meanwhile, as you mentioned, your brother already got accepted at the University (with full scholarship). So, cheer up -- relax -- and keep your eyes open to see a plethora of new initiatives carried out by modern day 'hackers'!

 

~@~  

Last edited: 17-Jul-08 06:55 PM
Read Full Discussion Thread for this article