Difference between revisions of "One Small Favour"
From Jackpoint
m |
m |
||
Line 4: | Line 4: | ||
*Black Cat, a new admin, received spam on a new commcode very shortly after it was given admin and before it was released publicly. | *Black Cat, a new admin, received spam on a new commcode very shortly after it was given admin and before it was released publicly. | ||
− | *[[George Maybury]], a former tech worker at Setpoint Social, heard about some of the admins of his host receiving similar messages about a month ago. When the messages failed to have any effect, the outside force compromised several accounts on the board of directors, seized majority, fired everyone else, and took over the company. | + | *[[George Maybury]], a former tech worker at [[Setpoint Social]], heard about some of the admins of his host receiving similar messages about a month ago. When the messages failed to have any effect, the outside force compromised several accounts on the board of directors, seized majority, fired everyone else, and took over the company. |
*Possible evidence that the user database has been accessed illegally, or else someone on the inside is already compromised. | *Possible evidence that the user database has been accessed illegally, or else someone on the inside is already compromised. | ||
*The messages were traced to a small-time corporate host which doesn't see much use. | *The messages were traced to a small-time corporate host which doesn't see much use. |
Revision as of 11:06, 6 November 2017
(Will be written up in character later)
Selene gets a message from Gabrijel, sysop of Cloud9. Apparently some outsiders are trying to buy admin credentials and buy the host. She looks into it and finds the following:
- Black Cat, a new admin, received spam on a new commcode very shortly after it was given admin and before it was released publicly.
- George Maybury, a former tech worker at Setpoint Social, heard about some of the admins of his host receiving similar messages about a month ago. When the messages failed to have any effect, the outside force compromised several accounts on the board of directors, seized majority, fired everyone else, and took over the company.
- Possible evidence that the user database has been accessed illegally, or else someone on the inside is already compromised.
- The messages were traced to a small-time corporate host which doesn't see much use.
- We found data sent from the source host consisting of legal documents and contracts in Japanese. The host is on the Emerald City grid and a camera was traced to an address in Tacoma. There is a law firm in that office building, and one partner is Japanese. One of the offices in that building is for rent.
Things we want to investigate:
- The host which is the source of the latest messages. Who accesses it and why?
- The Setpoint Social host which was taken over. What are they using it for?
- We set up a new admin account on a throwaway commcode. If anyone accesses that data, they are suspicious.
- We have the address of the office building (Kaplan Square) where the camera connected to the source host was traced to.
- We have the address of the building where the Setpoint Social host has a direct connection.