Welcome to WebmasterWorld Guest from 54.226.60.235

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

The Reg has been hacked

     

glitterball

7:50 pm on Sep 4, 2011 (gmt 0)

10+ Year Member



It would seem that the register.co.uk has been defaced.

wheel

8:11 pm on Sep 4, 2011 (gmt 0)

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Too bad,that's a great site.

In good news, it seems like the UK police are starting to grab people like this and lock them up. About time, I'd like to live in a world where hackers had the serious likelihood of jailtime for practicing.

tangor

8:30 pm on Sep 4, 2011 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Yikes! I was there at 5am (my time) this morning. Just checked a few minutes ago and "can't reach site, try again in a few minutes). Then find this post at WW. Have no doubt that the weekend hit was intended (fewer people in the office).

robzilla

9:06 pm on Sep 4, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



Same goes for UPS, it seems. The servers weren't hacked, but the perpetrator changed the domains' nameservers somehow.

J_RaD

12:01 am on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member




I'd like to live in a world where hackers had the serious likelihood of jailtime for practicing.


hacking isn't evil, its these types go around making a mess for no good reason.

tangor

6:34 am on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Back on line... but no reports yet...

Frank_Rizzo

9:16 am on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



DNS hacked, not the sites themselves.

Serious issue for punters of betfair, or registered (cookie login details saved) users of sites such as dell, ups, telegraph.

Whilst there is no evidence yet that any of the sites were spoofed to garner login details the risk was there.

Note too that many hackers just do this for fun and bragging rights. What they are doing is, ironically, a good thing. They are exposing the weaknesses and flaws with major institutions who should know better.

In cases like this (if it was just a redirect to a defacement page) shows the worst case scenario of what can be done. This group just did the redirect to a defaced site and got their 15 minutes of fame.

Now what if, 2 weeks ago, a rogue group did exactly the same exploit but did not crow about it? What if they redirected users to spoof sites and gathered thousands of login details?

wheel

1:21 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member



If they put the people who did this in jail for a good long time, then in 2 weeks the next group will think long and hard about redirecting users to a spoof site. Right now there's no deterent.

pageoneresults

2:08 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Turkguvenligi managed to hack NetName's DNS servers through a SQL injection attack, which involves putting commands into a web-based form to see if the back-end database responds. If those commands aren't scanned for malicious code, an attacker could gain access to the system.


Turkish Hackers Strike Websites With DNS Hack
[PCWorld.com...]

Zone-H.org
[Zone-H.org...]

J_RaD

3:47 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member




If they put the people who did this in jail for a good long time, then in 2 weeks the next group will think long and hard about redirecting users to a spoof site. Right now there's no deterent.


then the DNS spoof bug would never be fixed. I don't like what they do but we don't have to drop the hammer on them as a murder 1 convict. The problem is this new hash of kiddies think that because they are behind a keyboard they think they are invisible and can get away with anything. I find it very odd that they are missing this most basic of steps.

I have never done such things in my past but.....

To catch a thief........



All great security pros lived another life, if they didn't they wouldn't be great. Its the double edged sword.

wheel

5:08 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Yeah, well I'm not big on the argument that criminals and vandals are somehow doing society some sort of service. The damage is still done.

And not all great security pros lived another life, any more than I have to be dead to sell life insurance or cops have to be crooks first. You've got a bunch of ridiculous arguments all in one post.

Frank_Rizzo

8:08 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Would you rather they just ran MITM attacks, or stole login credentials and then covered their tracks?

Because that's what the real thieves are doing.

Script kiddies are finding an insecure lock and just spray painting the walls. They are letting you know that others may have been in there previously, copied all your documents and left without trace.

This is what the antisec movement is about. They are exposing the totally inadequate security which large corporations, governments and military sites are using. They are exposing the security experts (whom are paid millions) as pure snake oil peddlers.

Yes, what the script kiddies are doing is an annoyance. But if your site is ever going to be hacked let it be hacked by someone who has just left a note on your front page and told you about it, rather than a thief in the night who stole your data and you never get to know about it.

Leosghost

9:23 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



^^^ what he said ..I had a site on a shared hosting package on a server that was hacked about 10 years ago..the experience and the fact that the hackers left their tag..allowed me to follow them to a forum ..where I found them discussing how it was done..

I had trusted my host at the time to have done the job of securing the server properly ..they had not..

I moved host overnight .. taught me a lot ..about people selling hosting packages who have no tech knowledge at all, just a point and click interface..and who allow all kinds of crap on their servers ..with no idea how to protect them ..or who just don't really care ..

Same goes for DNS..

Nowadays..I want people who rent me servers or space who I can phone 24/7/365 ..and who answer the phone with the company name that sold me the space and the bandwidth ..Not some "open a ticket"..send an "email" outsourced support that deals with multiple "hosters"..

A "deface" is "a wake up call"..that a door was left open ..that others may have already been through, in the past, silently ..or might have been able to, in the future, silently, without you ever knowing.

wheel

9:28 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Where I live there's basically no crime. We rarely lock our doors, frequently when we're not even home. I've returned home and found front doors wide open, garage door wide open, and kids playing down the street. I don't lock my car doors in the parking lots at the mall. The neighbor's teenage daughter jogs around the block at 11pm.

It's horrible. You know what would help? Some break and enters. That'd be great, remind us all how poor our security is. Yeah, that'd be wonderful - thanks folks for the lesson. Because they'd be doing us a favor, reminding us to lock our doors and not go out after dark.

g1smd

9:41 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Not the same comparison at all, because with the internet they can break in from the other side of the world, and while you're in.

Leosghost

9:52 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I live in the same kind of place..and do the same kind of things ..and for 15 years living on the Côte d'azur..also didn't lock my doors and on hot nights left them open...and slept...still do here..never lock the doors when we go out..

Have the good fortune to live in places where people care about those around them.

Hosters are a different matter..most are too busy counting the money to care about the service.


as g1smd said ..the two things do not compare..

wheel

11:30 pm on Sep 5, 2011 (gmt 0)

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member



They compare fine, it illustrates exactly the point. it's the same argument that criminals somehow are doing any kind of service. What hogwash.

Leosghost

12:09 am on Sep 6, 2011 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Well in that case we should probably just take off and nuke them and their families from orbit ..its the only way to be sure ..

I'll bring the biscuits..you'll bring the ...

lucy24

12:18 am on Sep 6, 2011 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



How 'bout this way.

You leave for a long vacation, and in the excitement of the moment forget to close your back door. By and by a neighbor notices, closes and locks the door. And then leaves on a vacation of his own, overlapping your own absence, or simply forgets all about it.

If they leave a note on your kitchen counter saying "I locked the door on such-and-such date", you are alerted to the possibility of Something Bad having happened before then. If not, you may never know that you left the door open. Until months later, when you look for a special piece of jewelry and find the box empty.

Then again, if the kind neighbor had a warped sense of humor they would lock the door-- but only after rearranging your furniture, adjusting the curtains and putting your pictures upside-down.

J_RaD

2:55 pm on Sep 6, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member




And not all great security pros lived another life,


I said great ones, and yes if you don't think like one you'll never be 1 step ahead of one.

wheel you are obviously still pretty ripped over what was done to you in the past.

Planet13

5:54 pm on Sep 8, 2011 (gmt 0)

WebmasterWorld Senior Member planet13 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Removed by poster

Habtom

2:17 am on Sep 9, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



A registrar hacked through SQL injection -- that is unsettling.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month