RE: [ISN] Hacking IIS -- how sweet it is

From: InfoSec News (isnat_private)
Date: Mon Aug 13 2001 - 01:23:08 PDT

  • Next message: InfoSec News: "[ISN] Centre detects 2,503 computer hacking cases since 1997"

    Forwarded from: Luqman Mahmud <Lmahmudat_private>
    I buy a lot of stuff from and was shocked to learn of a
    possible breach.  After reading the Carders BB at
    (  it seems
    like this so called breach may never have happened.  The Register page
    wasn't available and the General Manager of replied on the BB that Mwave had not been "hacked".  They did have a
    CodeRed version 1 compromise which defaced their website but their
    database was not compromised.  They have a response on their web site
    Luqman Mahmud
    -----Original Message-----
    From: owner-isnat_private [mailto:owner-isnat_private] On Behalf
    Of InfoSec News
    Sent: Saturday, August 11, 2001 2:51 AM
    To: isnat_private
    Subject: [ISN] Hacking IIS -- how sweet it is
    By Thomas C Greene in Washington
    Posted: 10/08/2001 at 19:29 GMT
    We've looked over a few recent credit-card database compromises brought
    to our attention by CardCops (formerly AdCops), an organization which
    tries to get the straight dope on e-commerce hacks directly from the
    blackhat community to better inform merchants of threats to their
    The most recent victims CardCops has seen are on-line perfumery; computer retailer; and a very large Texas
    ISP called, which gave up many thousands of credit card
    details, along with the records of 500 businesses and their FTP logins.
    All of the victims are running IIS 4 or 5 over Win-NT or 2K.
    Not surprisingly, Microsoft IIS is quite popular among carders, because
    its got lots and lots of holes, and because its often used by people who
    lack the technical know-how to bung them. It's easy to use, which makes
    it particularly attractive for those who want to break into e-commerce
    on a shoestring, and particularly attractive as well for those who just
    want to break in.
    CardCops founder Dan Clements reckons that IIS is in use by roughly
    fifty per cent of e-merchants, but represents over eighty per cent of
    their data compromises.
    Under its 'amnesty program,' CardCops seeks information from active
    carders in exchange for a guarantee that they won't be tracked, reported
    or otherwise harassed. The idea is to warn the merchants and card
    issuers when they've been hacked, and to learn which exploits are most
    popular and most successful.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 06:20:29 PDT