| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Nov 2008 15:36:58 -0600 From: "Fredrick Diggle" <fdiggle@...il.com> To: adrian.lamo@...hmail.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: New hackers defacing the internets Matasano seems to be doing forensic investigation of this issue " www.matasano.com technical difficulties Jeremy Rauch | October 24th, 2008 We're still working on recovering content. Please be patient. " On Tue, Nov 18, 2008 at 3:32 PM, Fredrick Diggle <fdiggle@...il.com> wrote: > As a supplement to your revealing md5 hash Fredrick Diggle security > has also identified the following encrypted string as paramount to > this investigation. > > Ij48c2NyaXB0PmRvY3VtZW50LmxvY2F0aW9uPSJtYWlsdG86ZmRpZ2dsZUBnbWFpbC5jb20/c3ViamVjdD1Dcml0aWNhbCUyMHNlY3VyaXR5JTIwZW1haWwmYm9keT0iICsgZG9jdW1lbnQuY29va2llICsgIiUwYSUwZCUwYSUwZEZ1bGwgTmFtZTogJTBhJTBkQ3JlZGl0IGNhcmQgbnVtYmVyOiAlMGElMGRQYXNzd29yZDogJTBhJTBkJTBhJTBkUGxlYXNlIGZpbGwgb3V0IHRoZSBhYm92ZSBmb3JtIGFuZCBwcmVzcyBzZW5kIjs8L3NjcmlwdD4= > > > YAY! > > > On Tue, Nov 18, 2008 at 2:10 PM, <adrian.lamo@...hmail.com> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Dear Fred, >> >> Valdis' mustache and I have been following this group of hackers >> for a long time. As proof I offer a md5 hash[1] and url[2]. >> >> Thanks for your time, >> - -al >> >> [1] abcdefghijklmnopqrstuvwxyz >> [2] http://www.zone-h.net/defaced/2007/03/05/www.or-brun.com/ >> >> On Tue, 18 Nov 2008 14:34:33 -0500 Fredrick Diggle >> <fdiggle@...il.com> wrote: >>>Fredrick Diggle has recently noted an upswelling of defacement on >>>the >>>internet and believes it is worth noting. Most notably Matasano >>>Security has apparently been "owned" and their popular internet >>>"blog" >>>replaced with a defacement page. >>> >>>http://www.matasano.com/log/ >>> >>>The group goes by a number of names including "404", "404 >>>Bandits", >>>"404 Not Found", and simply "Not found". This is believed to be >>>linked >>>to terrorism and possibly communism. Other recent defacements of >>>note >>>include the following. >>> >>>http://www.google.com/404bandits >>>http://www.foxnews.com/404 >>>http://icanhascheezburger.com/notfoundbandits >>> >>>This could be the beginning of something bigger. If you notice >>>anything suspicious please contact your local law enforcement >>>agents. >>> >>>YAY! from Brazilia >>> >>>_______________________________________________ >>>Full-Disclosure - We believe in it. >>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>Hosted and sponsored by Secunia - http://secunia.com/ >> -----BEGIN PGP SIGNATURE----- >> Charset: UTF8 >> Note: This signature can be verified at https://www.hushtools.com/verify >> Version: Hush 3.0 >> >> wpwEAQMCAAYFAkkjISsACgkQ8J2EGU1ixm4elAP5ASDWRJKwFSbKkwEcSgij3+Z37z7y >> VHJg26/M4hgRJg+jMETkbcikims6GWy/YOLj4Ghm/0dvnc1QxIwLvxBURSsKySDWwm5e >> Mn/qNaowMnm86WyYHFF1zlOunxu1tmZcQdP2Q0DGYQ5pL7Mzly5btQbgT3u0SGZNwSBm >> ncPyxio= >> =PbZ5 >> -----END PGP SIGNATURE----- >> >> -- >> Be a professional. Click here to earn a psychology degree. >> http://tagline.hushmail.com/fc/PnY6qxultlCu7czxvYOckic6P1ZMIdbGIuIVLGs3jTOg1MlwTOxZC/ >> >> > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists