The UC Berkeley campus received an FBI report with evidence that
multiple computer accounts and systems was compromised in the time
frame of 2003-2005. The campus SNS (System and Network Security)
group believes that all evidence from the FBI report is consistent
with this being the UC Berkeley portion of the legacy of the
world-wide cyber attack by the infamous “Stakkato” alias. For more
information about Stakkato:
http://www.nsc.liu.se/~nixon/stakkato.pdf SNS forwarded information to EECS from the FBI report with what we
have identified as a copy of the department NIS domain
passwd file from November 18, 2004. This date appears to
correlate with activity via a compromised non-privileged user
computer account in EECS (this unauthorized activity was
presumably by Stakkato). Since Stakkato had access to very
powerful computing, Stakkato could have used “brute force” to guess
UNIX passwords.