Some Awesome Engineer Hacked, Got Classes Cancelled

Maybe the overuse of the word “shall” should have clued everyone in.

Why is the time on the first email after the time on the second?

I don’t know, acutally– that’s how the emails were forwarded to me. It’s weird because it says that the original email was sent at 1:21 pm, which would have been like 10 minutes ago instead of around 10 am when it actually happened. Maybe a result of the hacking, maybe a typo from our tipster, but I don’t think it really affects the stiuation

Original email was sent at 8:22 am. Also, another admin sent this at 10am

The email below was sent in error and classes have not been canceled in the Moore Bldg. Please feel free to email me directly with questions or concerns.

Enjoy your day!
Cindi Buoni
Associate Director
Academic Programs Office

Afterwards, there was this email at 10:36:

Dear all,

the problem has been resolved. Please don’t ignore my emails.
SEAS-Weekly and GSEG emails will be going out soon!

Thanks!

S. Sonya Gwak, Ph.D.
Associate Director for Student Affairs and Graduate Admissions University of Pennsylvania, School of Engineering and Applied Science Office of Academic Programs 220 S. 33rd Street, 111 Towne Building, Philadelphia, PA 19104
Email: sgwak@seas.upenn.edu
Tel: 215-898-7246
Fax: 215-573-5577

someone did it to one of my classes. No hacking was involved, just a simple php email spoofer.

This guy did no hacking either. S/he visited a simple website that lets you type in the contents of the “From: ” field. Emails are just text files sent across the internet, so they are by no means secure by default.

They weren’t even smart enough to write their own CGI mailer – If you look at the headers of the spoofed e-mail, they used the website http://www.emkei.cz. Interestingly, somewhere along the line, the e-mail was detected as being suspicious, as the note “(may be forged)” is also present in the headers, and the e-mail has a “suspicious” spam score of 1.

This is traceable from many angles, especially considering the scale of Penn’s legal team. Whoever did this could have done a much cleaner job.

I also got another hoax email from one of my engineering professors saying that the final for his class was moved to the 10th:

“Dear Students,
Due to scheduling conflicts the final exam has been postponed to the 10th of may.
If there are any questions or concerns please let me know immediately.

Prof. Peter K. Davies
Dept. Materials Science
(200 LRSM; 898-1013) ”

My professor responded three hours later saying that his final exam wasn’t postponed and that this email was a hoax. But anyways this computer hacker is jumping the gun, it’s not april fool’s day for a week and a half!

exsqueeeeeze me but let’s not forget about the awesome april fools prank from 2009 when some whartonites were tricked into believing that they had to make up an exam due to cheating??

Why don’t you other engineers try and email the seas undergrad listserv right now? You need an account with permission in order to send to it…

if only Morgan Finkel were as cool as this engineer maybe she could actually teach me a thing or two and help me study

LOL nice idea..and nice use of emkei.cz !! but totally useless as its the easiest way to trace you back..

thanks for the expert witness testimony, csstudent. and why would you write your own cgi mailer? you need to have a super cool custom web app just to use postfix? a ‘cleaner job’ by similar methods would not make it any harder for gwak to realize that she wasn’t the one who sent it, nor harder for cets to realize it didn’t originate from her account.