An ALLIANCE OF HACKERS dubbed the Hackers Against America (HAA) has had its website defaced by a hacker named Marcos. HAA was hacked because they did not follow two key best practices:
1. They did not keep the operating system patched up.
2. They used the same password for their network as they did for sites they accessed on the Internet.
Hackers hacked by hacker
How they did it
HAA were running a version of BIND which was so old that it had a certain vulnerability which all hackers knew about. Being the sort of network experts they are, the Pirates had failed to install the patches. Marcos modified the DNS so that when the site webmaster tried an FTP connection to update the site, he would be sent to Marcos's own FTP server. When HAA's webmaster logged in, Marcos nicked his FTP username and password, which he promptly used to deface the website after deleting all the other content, it transpires.
In another security twist, it appears that the hackers had used the same password on their Yahoo email sites… so Marcos closed them. Well, if you don't take the most basic security precautions, it is clear you will get hacked. Maybe HAA should get some security experts in.
Edited by harrywaldron, 21 May 2004 - 08:30 AM.