[ISN] Anti-Nuke Cracker Strikes Again

From: mea culpa (jerichot_private)
Date: Sat Jul 04 1998 - 14:24:33 PDT

  • Next message: mea culpa: "Re: [ISN] Reminder about WIPO Bill (from COAST)"

    [Moderator: Saying this took one hour is quite misleading or downright
     wrong. Even if the sites had already been hacked, it would take more
     than an hour to log into each of 300 servers and upload a new page.
     I am contacting James Glave to get a list of which sites were hit as 
     well.]
    
    Forwarded From: blueskyt_private
    
    Anti-Nuke Cracker Strikes Again
    by James Glave 
    
    5:08pm  3.Jul.98.PDT
    An 18-year-old member of the anti-nuclear cracker
    group that last month wreaked havoc with email
    and Web servers at India's atomic research center
    has struck again with another Internet political
    protest. 
    
    In what may be the largest "mass hack" ever
    undertaken, the cracker, who goes by the name
    "JF," along with a number of anonymous
    colleagues, simultaneously defaced more than
    300 Web sites late Thursday. The group replaced
    the sites' homepages with an image of a
    mushroom cloud and an anti-nuclear screed. 
    
    "This mass takeover goes out to all the people out
    there who want to see peace in this world," read
    the 800-word declaration that graced an eclectic
    mix of general interest, entrepreneur, adult, sport,
    and fan sites until early Friday morning. 
    
    Affected domains included sites for The World
    Cup, Wimbledon, The Ritz Casino, actor Drew
    Barrymore, and The Saudi Royal Family. Some of
    the sites were still defaced or down as of late
    Friday afternoon, when Wired News spoke with JF
    over Internet Relay Chat. 
    
    "The year is 1998," wrote JF, who is based in
    England. "We should be moving towards world
    peace in the millennium, and nuclear warfare [and]
    testing is NO way forward. It can destroy the
    world," the teen said. 
    
    "I'm only young; I don't want a hostile world on the
    edge of a nuclear conflict," he added. 
    
    The mass hack happened almost by accident.
    While scanning a large network, looking for
    security weaknesses, JF and his colleagues came
    across a Web site hosting company called
    EasySpace. The firm, based in Kingston upon
    Thames, England, offers "virtual domain" hosting --
    an arrangement where multiple Web sites are
    located on a single server. 
    
    "We ... came across this, at first by accident,
    then [we] realized what it was, and as we were
    planning a mass hack, we decided to put it into
    operation," JF said. 
    
    The teen said that he and his colleagues --
    members of another group called Ashtray
    Lumberjacks -- penetrated EasySpace's network
    with what they claimed was a nonpublic attack,
    and ran computer code that inserted the same
    altered Web page on all the sites hosted at
    EasySpace. 
    
    The entire operation was completed in
    approximately one hour, he said. 
    
    EasySpace representatives could not be reached
    for comment. 
    
    The resulting protest Web page bore the logo of
    JF's group Milw0rm. Last month, the same group
    claimed responsibility for stealing email and
    deleting Web servers at the Bhabha Atomic
    Research Centre in Bombay, India. In the latest
    protest statement, the crackers expressed their
    disappointment that peace talks had not begun on
    the subcontinent. 
    
    "This tension is not good, it scares you as much
    as it scares us. For you all know that this could
    seriously escalate into a big conflict between India
    and Pakistan and possibly even World War III, and
    this CANNOT happen," the text read. 
    
    John Vranesevich, founder of the computer
    security Web site AntiOnline, said that mass Web
    page attacks, affecting multiple sites at one time,
    are not common events. 
    
    "Usually any Internet Service Provider that hosts
    such a large number of domains has very good
    security procedures in place simply because they
    are usually a larger operation," Vranesevich said. 
    
    Vranesevich added that the group was unusual in
    that its members appear to be driven as much by
    politics as they are by computer security issues. 
    
    "They're not claiming to be hacking to help
    progress computer security and to help make new
    exploits known. They're doing it for political
    reasons; it's not the means that's important it's the
    end result," Vranesevich said. 
    
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:57:49 PDT