Kansas University (KU) officials have expelled a student for installing a hardware keylogger and using the data acquired from the device to hack into the school's grading system and change his grades.
KU did not release the student's name to the public, but they said the keystroke logging device had been installed on one of the computers in its lecture halls.
The student used data collected from the device to change F grades into A grades. Professors said the incident would not have been noticed if the student didn't get greedy about modifications.
Keystroke logger bought online
The hardware device the student used was a run-of-the-mill hardware keylogger that anyone can buy on Amazon or eBay for prices as low as $20.
Speaking to local media [1, 2, 3, 4], various KU professors said they hope not to see any copycats in the near future.
KU faculty is also mad at their management because the incident took place last spring, but they only found out about it two weeks ago, at the start of the new year, as a passing reference during a meeting.
Professors said they would have liked a warning so they could watch out for similar incidents on their own, and keep a closer look at the grades they assigned. They also hope the university presses charges with local police to deter similar cases.
Similar cases have happened in the past
This is not the first time students hack their university or professors to change grades. Back in 2015, a Louisiana high school suspended a whopping 45 students at once for hacking the school's grading system and changing grades.
Similar hacks have occurred in other countries as well, such as China. The Technion Institute of Technology in Haifa, Israel expelled a student in March for hacking into professors' emails seeking information to boost his grades.
Other students not skilled enough to hack their school just choose to launch DDoS attacks instead [1, 2]. In almost all cases, students are caught and sometimes end up facing legal action.
Comments
Occasional - 6 years ago
Good piece CC. No need to squint to read between the lines, to notice the near indifference on the part of faculty and administration. But then, maybe they just remembered how they earned their degrees, and opted to only throw stones underhand.
Occasional - 6 years ago
$20 online, for a key logger. I might buy one to use against - myself. Could be an eye opener, to realize just much useful clear text data might be at risk. A little like being my own Certified Ethical Hacker.
[Actually, I won't; as I don't have the skills to be sure the USB device won't be loaded with malware to spy on both the target and the attacker (so they'd get me twice, in this case).]
anker_by - 6 years ago
It's funny, if they want to study go open the book and put the noise, there this is very funny. lol
pbeau49 - 6 years ago
A similar incident happened at a school I was working at. IT took some responsibility and heat for not locking the bios of the public computer the key-logger was installed on. We contacted the the vendor of the installed software with the serial number of the product and they provided us with the password to access the program. The irony was that the perpetrator had logged into his private email from the compromised computer which contained the receipt and purchase information of the key-logging software and had done so while the software was recording. We also tracked his registered laptop logging into faculty members email accounts. The honors student found himself getting expelled.
JeremyHarris - 6 years ago
<p>Deleted.</p>
<p> </p>
<p>Chris c</p>