[ISN] Famous hacker Mitnick suffers break-ins to his corporate Web site

From: InfoSec News (isnat_private)
Date: Tue Feb 11 2003 - 07:05:27 PST

  • Next message: InfoSec News: "[ISN] 'Unreal' Security Risk"

    Forwarded from: Liz Borden <lizat_private>
    
    http://www.bayarea.com/mld/mercurynews/news/5149370.htm
    http://www.defensivethinking.com/press/defthi-hacked.htm
    
    Feb. 10, 2003
    
    WASHINGTON (AP) - The world's best-known computer hacker suffered the 
    indignity of having someone break into his new security consulting 
    company's Web site. But Kevin Mitnick shrugged it off as ``quite 
    amusing,'' not serious enough for him to call the FBI.
    
    Mitnick, whose federal probation on hacking charges ended a few weeks 
    ago, acknowledged that this weekend's electronic break-in at Defensive 
    Thinking Inc. of Los Angeles was actually the second time in weeks 
    that hackers found a way into the computer running the firm's Web 
    site.
    
    A hacker calling himself ``BugBear'' added one page to Mitnick's 
    corporate Web site on Jan. 30 with a message, ``Welcome back to 
    freedom, Mr. Kevin,'' and added that ``it was fun and easy to break 
    into your box.'' He included a photograph of a polar bear with two 
    cubs.
    
    Another, similar break-in occurred Sunday by a hacker in Texas who 
    asked Mitnick to hire him as the company's security officer.
    
    In neither instance did hackers vandalize the company's Web pages, and 
    one said in e-mail that he didn't do damage ``out of respect for me,'' 
    Mitnick said.
    
    Mitnick said he did not contact the FBI because the break-ins didn't 
    involve any financial loss to his company, which advertises ``training 
    and expertise to help you stop information theft.''
    
    The FBI and Justice Department would not comment.
    
    Most security experts consider the risk of such break-ins a nuisance 
    for government agencies and corporations, since sensitive information 
    about consumers is commonly stored on separate computers with better 
    protection. But these break-ins can be embarrassing for organizations 
    and indicate inattention to Internet security risks.
    
    ``No customer information was released nor was in danger of being 
    compromised,'' Mitnick's company said in a statement Monday.
    
    Mitnick's probation, which barred him from using the Internet, ended 
    Jan. 20. He was released from prison three years ago after serving a 
    five-year sentence. Mitnick was accused of costing companies millions 
    of dollars by stealing software and altering computer information.
    
    His supporters, who during his time behind bars plastered the phrase 
    ``Free Kevin'' on hundreds of Web sites, maintain that his crimes were 
    vastly exaggerated.
    
    Mitnick said Monday that the hackers apparently exploited separate 
    flaws in Internet server software from Microsoft Corp. The person 
    responsible for the company's Web site failed to apply the repairing 
    patches available from Microsoft, Mitnick said.
    
    ``I haven't had any time to play webmaster, but it looks like I'll 
    have to look into it,'' Mitnick wrote in an e-mail to The Associated 
    Press. ``Actually, it's quite amusing. All the hackers out there 
    figure if they can hack Kevin Mitnick's site, they're the king of the 
    hill.''
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Feb 11 2003 - 11:11:42 PST