[ISN] ACLU suffers hack on AOL

From: mea culpa (jerichoat_private)
Date: Tue May 19 1998 - 14:15:35 PDT

  • Next message: mea culpa: "[ISN] Computers - IT - Hosing Down the Firewall"

    Forwarded From: Aleph One <aleph1at_private>
       ACLU suffers hack on AOL
       By Jim Hu
       Staff Writer, CNET NEWS.COM
       May 18, 1998, 6:25 p.m. PT
       When America Online users wanted to check up on the latest
       information from the American Civil Liberties Union (ACLU) today,
       they were greeted with a simple message: "HEY DID ENDO HACK ME?"
       While previous attacks on AOL content pages often have left the
       graphics intact or changed just the text on the sites' title bar,
       today's attack wiped out all images and reduced the page to text
       proclaiming: YES HE DID!
       AOL has since taken down the site, and will not permit access to users
       that type in "ACLU" as a keyword until the site is cleaned up, an AOL
       spokeswoman said.
       Neither the ACLU nor AOL believe the hack was politically motivated.
       Instead, ACLU spokeswoman Emily Whitfield said the attack was more a
       "mischief hack" than someone expressing antipathy toward the
       "We will be looking into security measures in our AOL site and online
       site, and checking with our service providers to make sure they're
       doing everything possible to prevent security breaches," said
       According to industry newsletter AOL Watch, the ACLU today became
       the latest in a list of AOL sites that have been tampered with,
       including the New York Times, Business Week, and Reebok,
       among others. Many times, these hacks resulted in vulgarized text
       changes or the notification of the hacker's success.
       Nonetheless, AOL said the incident was the result of a password
       compromise, which the company cites as the most common cause of hacks
       in its proprietary service. AOL explained that passwords can be
       harnessed by means of a so-called Trojan horse file. Trojan horses are
       files that are delivered to users via attachments that "masquerade" as
       help files, screen savers, and the like. When a user opens the
       attachment, it records the user's keystroke patterns and can record
       the user's password. Once the password is successfully recorded, it is
       sent back to the hacker, and the outgoing message is deleted from the
       victim's email out-box.
       And how does AOL advise its members to be less susceptible to Trojan
       horses? "You shouldn't be downloading files from strangers," said
       Tatiana Gau, who oversees AOL members' security.
       In the case of today's ACLU hack, AOL has not confirmed the presence
       of a Trojan horse, but it is expected to undergo an investigation to
       determine the cause of the password compromise. If a Trojan horse is
       detected, AOL plans to refer the matter to law enforcement.
       Though the ACLU first began its online efforts on AOL's proprietary
       service, the organization does not seem to be overly anxious about the
       incident, since its Web sites outside the AOL network are running
       "In respect to the Trojan horse, it's pretty much safe to say that
       Troy has not fallen today," said Whitfield.
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:53:39 PDT