Hacker group gets dose of own medicine
An alliance called Hackers Against America (HAA) has received a dose of its own medicine with its own website having been defaced, according to information at the defacement archive Zone-H.org.
The group had its website hosted by a free provider in Russia. According to Zone-H, it had claimed that new members were rapdily joining up, including one America who had links to the Al Qaeda group.
However, one hacker (for whom Zone-H used the pseudonym Marcos) thought it was stupid to attack US server and be affiliated to terrorist groups and so he (Marcos) wrote to HAA, telling them what he thought of their ideas.
The reply he got, according to Zone-H, was so full of insults that Marcos decided to see what he could do to send a message to the group.
He used the headers of the mail sent to him to find the IP address and DNS of the sending server. Scanning it, he found that BIND (software used for DNS) and an FTP server were running.
Zone-H said Marcos found that the version of BIND being used was vulnerable to an old exploit which he then used to gain access to the site. He then modified the DNS so that when the site webmaster tried an FTP connection in order to update the site, he would be sent to Marcos's own FTP server.
Once the webmaster logged in, Marcos had access to the FTP username and password which he promptly used to deface the website after deleting all the other content.
In Portuguese, he wrote: "This site has been permanently disabled for dirtying the term hacker and planting absurd and ridiculous ideas."
HAA was using the same password for its email account on Yahoo! Hong Kong and Marcos closed this account as well, according to Zone-H.
The group had its website hosted by a free provider in Russia. According to Zone-H, it had claimed that new members were rapdily joining up, including one America who had links to the Al Qaeda group.
However, one hacker (for whom Zone-H used the pseudonym Marcos) thought it was stupid to attack US server and be affiliated to terrorist groups and so he (Marcos) wrote to HAA, telling them what he thought of their ideas.
The reply he got, according to Zone-H, was so full of insults that Marcos decided to see what he could do to send a message to the group.
He used the headers of the mail sent to him to find the IP address and DNS of the sending server. Scanning it, he found that BIND (software used for DNS) and an FTP server were running.
Zone-H said Marcos found that the version of BIND being used was vulnerable to an old exploit which he then used to gain access to the site. He then modified the DNS so that when the site webmaster tried an FTP connection in order to update the site, he would be sent to Marcos's own FTP server.
Once the webmaster logged in, Marcos had access to the FTP username and password which he promptly used to deface the website after deleting all the other content.
In Portuguese, he wrote: "This site has been permanently disabled for dirtying the term hacker and planting absurd and ridiculous ideas."
HAA was using the same password for its email account on Yahoo! Hong Kong and Marcos closed this account as well, according to Zone-H.
Comments
Post a Comment