[ISN] 'Eddie Murphy' Hackers Demand Ransom From Rock Band

From: InfoSec News (isnat_private)
Date: Mon Mar 11 2002 - 22:41:55 PST

Next message: InfoSec News: "[ISN] The Secret Service's Bob Weaver on Preparing for the New World Disorder"

Previous message: InfoSec News: "[ISN] Feds step up cybercrime battle in Fresno"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.newsbytes.com/news/02/175103.html

By Brian McWilliams, Newsbytes
BOULDER, COLORADO, U.S.A.,
11 Mar 2002, 10:45 AM CST
 
A group calling itself "Hackers for Eddie Murphy" posted a ransom note
Sunday on the front door of the Web site operated by Colorado-based
rock band The String Cheese Incident.

According to the defacement, which appeared to be a tongue-in-cheek
hoax, the hackers demanded a payment of $1 million for the return of
the site's servers "to their normal state of well being."
 
The attackers' message, which was still viewable this morning, said
they would use the money to "jump start" production of "Beverly Hills
Cop 4," another sequel to Murphy's 1984 movie. "Beverly Hills Cop 3"  
was released in 1994.

The String Cheese Incident (SCI) is a group of former ski bums that
has become Colorado's favorite band, according to the
Stringcheeseincident.com Web site. The group's music is reminiscent of
that of the Grateful Dead.

SCI representatives were not immediately available for comment.

The defacement instructed SCI site operators simply to leave the
million dollars "at the corner of the Oak and Fifth" but did not
specify the city. The attackers did not leave any contact information.

The Web site, which appeared to be hosted by a Boulder-based Internet
service provider named Indra's Net, is running the Apache Web server
on the Red Hat Linux operating system.

The Stringcheeseincident.com server appeared to be using a vulnerable
version of the WU-FTPD file transfer program. According to a November
2001 advisory from the Computer Emergency Response Team, WU-FTPD
version 2.6.1 contains a security hole that could allow remote
attackers to take control of the server.

Aside from the main page, the rest of the SCI site pages appeared
untouched. An online ticketing section, as well as a merchandise area,
appeared to be hosted on separate servers.

The SCI site was the first defacement by Hackers for Eddie Murphy,
according to records maintained by the Alldas defacement archive.

The String Cheese Incident site is at
http://www.stringcheeseincident.com

A mirror of the SCI defacement is at
http://defaced.alldas.org/mirror/2002/03/10/www.stringcheeseincident.com/



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "[ISN] The Secret Service's Bob Weaver on Preparing for the New World Disorder"
Previous message: InfoSec News: "[ISN] Feds step up cybercrime battle in Fresno"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Mar 12 2002 - 01:52:03 PST