A Django site.
September 21, 2008

Inside Security News
insecnews
is about »
» Aberdare College / Coleg Morgannwg defacement

I have been informed, that Aberdare College / Coleg Morgannwg [1, 2] a University of Glamorgan Partner College has been defaced. It seams that the defacement happened on Friday 19 Sep. around 21:3x. The hacker with alias abuder3 seams to have been responsible for the defacement. A look online [3] (i.e., google) shows that there are more defacements and Zone-h.org reports [4] a few more.

Based on his profile on Zone-h.org and the Google searches we can see that this person is targeting random sites and a certain Operating System (i.e., Win 2000). It seams that there is a zero-day vulnerability that this person is using and he is passing some kind of political message. Like the reporting of the CERN hack, in my previous post, his message is in his own language and therefore it is hard to impossible for English speakers to understand any message conveyed.

His main purpose is to create collateral damage, without any particular reason. It is often seen as a way of self-promoting ones self. Surely he has caused frustration. Once again we do not agree with these types of actions.
Images:

On-load
Defacement
Site Source
Site & Source

Links used:
[1] Aberdare College / Coleg Morgannwg - http://www.morgannwg.ac.uk/morgannwg/
[2] Aberdare College / Coleg Morgannwg - http://www.aberdare.ac.uk/morgannwg/
[3] abuder3 - Google Search - http://www.google.co.uk/search?hl=en&q;=abuder3&btnG;=Google+Search&meta;=
[4] Zone-H.org - abuder3 Filter - http://www.zone-h.org/component/option,com_attacks/Itemid,160/filter_defacer,abuder3/

September 15, 2008

Inside Security News
insecnews
is about »
» A Hacker Cause : CERN site defacement

Let us see how the Greek defacement of a CERN website is a cry for unity in the online Greek Security scene dominated by hacker bullies, wannabes and script-kiddies .

A few days ago (i.e., 9-10 Sep. 2008) one of CERN’s websites, the Compact Muon Solenoid Experiment (CMS) monitoring site (i.e.,http://cmsmon.cern.ch), was hacked and defaced by Greek hackers going by the name Greek Security Team (GST). What is interesting is that BBC has a report on the matter[1]. After reading the original defaced webpage from a screenshot a user has left on a blog [2], I think the BBC is reporting things incorrectly. As a fluent Greek speaker I can read and understand the message the hackers are trying to pass on and interpret it accordingly.

Unfortunately the BBC [1] reports:
‘The CMS website displayed a page with a mocking message, in Greek, which included the line: "We are 2600 - don't mess with us".’

And

‘The number 2600 is often used by the hacking community. It is believed to have originated in the US in the 1960s with the discovery that a tone of 2600Hz played down the line could be used to access restricted parts of the national telephone system. ’

All this is well and correct but the message the hackers left is not that. After reading the text it is clear that the message is targeting other so called hackers/security individuals that chat all day and provide no knowledge or product to the security community. The phrase "We are 2600 - don't mess with us" is supposedly that of these so called individuals/script-kiddies that use this phrase (and ‘2600’) to discourage and intimidate others without providing any meaningful results (i.e., loosely translated πράξη ) . It is clearly an Internet social states cry for reform for the online Greek Security communities.

It is also mentioned that the defacers also patched a security bug. .. who knows.. only the site admin.

Obviously there is more in the defacement posting but I will not sit and translate the whole document as it is not the purpose of this blog posting.

Personal disappointment
Might I also add at this point that I enjoyed the freedom of looking around at the different sites provided by the CERN project. I think I was on that site (i.e.,CMS mon.) recently and I could see the live status of the CMS project. Now the site has been taken down, my curiosity has to be limited to what news sites report. Some of the disadvantages of web page defacements, public access denied!

Links Used:

[1] -BBC News - 'Big bang' experiment is hacked - http://news.bbc.co.uk/1/hi/technology/7616622.stm
[2] - The Daily Buzzz - 'Hackers HACK Large Hadron Collider’s computer system! How Safe…' - http://www.dailybuzzz.com/science/hackers-hack-large-hadron-colliders-computer-system-how-safe