[ISN] Indian Nuclear Center Admits Hacker Break-In

From: mea culpa (jerichoat_private)
Date: Thu Jun 04 1998 - 14:09:07 PDT

  • Next message: mea culpa: "Re: [ISN] Man poses as astronaut steals NASA secrets"

    Forwarded From: Kiera Wooley <kieraat_private>
    Indian Nuclear Center Admits Hacker Break-In
    By Martyn Williams
    TOKYO, JAPAN, 1998 JUN 4 (Newsbytes) Officials at an Indian nuclear research
    center have confirmed their computer network was infiltrated by a group of
    hackers and that the electronic mail system was accessed. "It's all taken
    care of, there's nothing to worry about," an official of the Bhadha Atomic
    Research Center (BARC) told Newsbytes by telephone.
    The official confirmed the claims of the a group of hackers calling
    themselves "Milw0rm" who said they managed to breach network security at
    BARC, change the Web home page and download five megabytes worth of e-mail
    and data.
    "It's a very normal loop hole in sendmail," the BARC official said. Sendmail
    is defacto Internet standard software for running electronic mail systems.
    "Definitely, there was some problem with sendmail, they were using an old
    version," he added before refusing to comment any further.
    Sendmail has been the object of many security attacks in the past and most
    security-conscious users have addressed the loopholes uncovered and
    documented over the years. The sendmail software at BARC had evidently not
    been updated with the latest security measures.
    The hackers believe they downloaded messages and data related to India's
    recent series of nuclear weapon tests but that has yet to be confirmed.
    A single e-mail message from the five megabytes downloaded was passed to
    Newsbytes. After being shown it, scientists of the University of Tokyo's
    Institute for Nuclear Studies said it had nothing to do with weapons but
    that it did contain, "pretty advanced nuclear physics."
    Newsbytes has also confirmed a second group of hackers attacked the BARC Web
    site. As opposed to the Milw0rm group, which attacked the network and
    accessed files, the second group replaced the home page on the internal web
    server with a simple message titled "Just Say No."
    The hacked web page said "Nuclear Tests in India. This page has been hacked
    in protest of a nuclear race between India, Pakistan and China. It is the
    world's concern that such actions must be put to end since, nobody wants yet
    another world war. I hope you understand that our intentions were good, thus
    no damage has been done to this system. No files have been copied or
    deleted, and main file has been just renamed," the Web page read.
    "Stop the Nuclear Race! We Don't Want a Nuclear Holocaust," it ended in
    large, bold, red letters.
    At time of writing, the BARC Web site, http://www.barc.ernet.in , had
    reverted back to normal although the second Web page hack remains available
    at http://www.barc.ernet.in/~barc/barc.html .
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:19 PDT