Forwarded From: Kiera Wooley <kieraat_private> Indian Nuclear Center Admits Hacker Break-In NewsBytes 04-JUN-98 By Martyn Williams TOKYO, JAPAN, 1998 JUN 4 (Newsbytes) Officials at an Indian nuclear research center have confirmed their computer network was infiltrated by a group of hackers and that the electronic mail system was accessed. "It's all taken care of, there's nothing to worry about," an official of the Bhadha Atomic Research Center (BARC) told Newsbytes by telephone. The official confirmed the claims of the a group of hackers calling themselves "Milw0rm" who said they managed to breach network security at BARC, change the Web home page and download five megabytes worth of e-mail and data. "It's a very normal loop hole in sendmail," the BARC official said. Sendmail is defacto Internet standard software for running electronic mail systems. "Definitely, there was some problem with sendmail, they were using an old version," he added before refusing to comment any further. Sendmail has been the object of many security attacks in the past and most security-conscious users have addressed the loopholes uncovered and documented over the years. The sendmail software at BARC had evidently not been updated with the latest security measures. The hackers believe they downloaded messages and data related to India's recent series of nuclear weapon tests but that has yet to be confirmed. A single e-mail message from the five megabytes downloaded was passed to Newsbytes. After being shown it, scientists of the University of Tokyo's Institute for Nuclear Studies said it had nothing to do with weapons but that it did contain, "pretty advanced nuclear physics." Newsbytes has also confirmed a second group of hackers attacked the BARC Web site. As opposed to the Milw0rm group, which attacked the network and accessed files, the second group replaced the home page on the internal web server with a simple message titled "Just Say No." The hacked web page said "Nuclear Tests in India. This page has been hacked in protest of a nuclear race between India, Pakistan and China. It is the world's concern that such actions must be put to end since, nobody wants yet another world war. I hope you understand that our intentions were good, thus no damage has been done to this system. No files have been copied or deleted, and main file has been just renamed," the Web page read. "Stop the Nuclear Race! We Don't Want a Nuclear Holocaust," it ended in large, bold, red letters. At time of writing, the BARC Web site, http://www.barc.ernet.in , had reverted back to normal although the second Web page hack remains available at http://www.barc.ernet.in/~barc/barc.html . -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:19 PDT