[ISN] Russian Coder: I Hacked Georgia's Sites in Cyberwar

From: InfoSec News <alerts_at_private>
Date: Fri, 24 Oct 2008 04:09:17 -0500 (CDT)

By Noah Shachtman 
Danger Room 
October 23, 2008 

Government and independent investigators are still trying to figure out 
who, exactly, hit Georgia's websites during its August war with Russia. 
Now, one of the hackers who claims to be behind some of the cyberattacks 
is telling all.

When the online assaults against Georgia began, everyone from the 
Russian government to a defunct, Moscow-based criminal consortium was 
blamed. A recent, preliminary report from the "Grey Goose" collection of 
online sleuths alleged that nationalistic Russian hackers, working 
largely on their own, bore a great deal of responsibility for the 

The account from Leonid "R0id" Stroikov, in the latest edition of Xakep 
("Hacker") magazine, appears to confirm the Grey Goose hypothesis. In 
the article, Stroikov talks about how he hit the website of the Georgian 
parliament — and why he decided to do it.

Countries today, Stroikov writes, "actively use the Internet for 
transmitting their point of view." So when Stroikov's "peaceful drink of 
beer" was "unexpectedly interrupted with the news of the developing 
situation in the Georgian-Ossetian conflict," he decided to strike a 
blow for Russia in the information war.

Stroikov wasn't able to break into his first few targets: the news site 
presa.ge and the search engine internet.ge. But he says he found better 
luck at parliament.ge, the website of the Georgian assembly.

First, he used an SQL injection (junk code that confuses a website's 
back-end database) to get into parliament.ge's list of users. Then, 
Stroikov employed a brute force attack to get an administrative password 
for the site.


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Fri Oct 24 2008 - 02:09:17 PDT

This archive was generated by hypermail 2.2.0 : Fri Oct 24 2008 - 02:24:06 PDT