http://www.computerworld.com/storyba/0,4125,NAV47-68-84-88_STO61694,00.html By JENNIFER DISABATINO June 26, 2001 Two servers for the instant messaging service ICQ were cracked yesterday, defacing at least one Web page. Dulles, Va.-based America Online Inc., which owns the ICQ instant messaging service, said the problem was quickly resolved and no user data was compromised. The ICQ service is interoperable with AOL's proprietary service, AOL Instant Messenger. Security monitoring site Attrition.org posted: "On June 25, 2001, two machines on ICQ's network were compromised and the Web pages defaced. These defacements lead us to wonder if other parts of the network were compromised, possibly allowing access to private ICQ messages, subscriber database or more." A hackers group called MiH, or Men in Hack, compromised the ICQ homepage. "The first machine compromised was the ICQ homepage used to search the ICQ network and user base," according to an Attrition advisory released yesterday. "The second machine compromised serves an unknown purpose. Originally defaced by MiH, the page is currently defaced by Silver Lords and has no indication of the original content." AOL, in an e-mail response to a query about the attack, said it was aware of one community page on www.icq.com that had been altered, adding that the defaced page was one of 20,000 pages. The problem was resolved with a security patch, AOL said. "There was no user account impact whatsoever, and no user information was at any time compromised," AOL said in the statement. ISN is hosted by SecurityFocus.com --- To unsubscribe email isn-unsubscribeat_private
This archive was generated by hypermail 2b30 : Wed Jun 27 2001 - 00:11:29 PDT