[funsec] BSDNews.com is hacked and user information is exposed

Jim O'Gorman jameso at elwood.net
Mon Apr 28 15:11:12 CDT 2008


Oh noes! The d00d that did the attack is not happy with me! I have been in a
e-mail exchange with "eagle" who did the hack through out the day. He wants
me to take the information down off my site, as I guess that my two-bit blog
is too much attention for him.

I challenged him to a dual. Told him he can fight me in Call of Duty 4, and
the first to twenty kills is the winner. Alas, he says his parents are going
to buy him an xbox 360 as he does now have one yet. I only have a PS3 and no
windows systems that can run games so it looks like there will be no blood
shed over this one.

Funny thing is, he was sending the threats initially from the same e-mail
address he registered his "golden-warez.com" site with. Crazy Dutch hacker
kids... If only his parents would buy him the Xbox 360 he might have
something to do with all the time on his hands...

So now the question is, with how upset he was that I talked about what he
did on my site - Do I go ahead and post the e-mail thread we have had today?
Makes for fun reading! The guy has his defense all worked out on how he
would not get in trouble if Johnny Law comes knocking on his door. A real
legal mind.

-- 
Jim O'Gorman
jameso at elwood.net
http://www.elwood.net


On Fri, Apr 25, 2008 at 6:39 PM, Jim O'Gorman <jameso at elwood.net> wrote:
>
> Yeah, the site that originally had the usernames/passwords posted seems to
be down (for me at least) right now. Other site is has closed public access
to the forums, but the google cache is still up. More at
http://www.elwood.net/post/32863299.
>
>
> Myself, I am just sorry I waited a week to make it public. I thought the
BSDnews people would be more on the ball then they turned out to be. Notice
finally came out today after Evan posted the news and other sites picked up
on it.
>
> I still don't understand why they were keeping plaintext passwords for all
their users.
> --
>
> Jim O'Gorman
> jameso at elwood.net
> http://www.elwood.net
>
>
>
>
>
>
> On Fri, Apr 25, 2008 at 4:32 PM, Paul Ferguson <fergdawg at netzero.net>
wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > FYI.
> >
> > [snip]
> >
> > Breach Description:
> > It appears that the BSDNews.com web site may have been compromised
through
> > an exploit of a file named "bottom.php3", which was used by the site.
 The
> > attacker was able to access and download user account information.  As
of
> > the time of this writing, BSDNews.com is offline.
> >
> > [snip]
> >
> > More:
> > http://breachblog.com/2008/04/25/bsdnews.aspx
> >
> > - - ferg
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP Desktop 9.6.3 (Build 3017)
> >
> > wj8DBQFIEk34q1pz9mNUZTMRAtiOAKC87i4swNDK6pZz7oqcM86A9QIEugCfQGGc
> > fP6nWpdmonXHXqGuYL42RGo=
> > =gzQK
> > -----END PGP SIGNATURE-----
> >
> >
> > --
> > "Fergie", a.k.a. Paul Ferguson
> >  Engineering Architecture for the Internet
> >  fergdawg(at)netzero.net
> >  ferg's tech blog: http://fergdawg.blogspot.com/
> >
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
> >
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20080428/9908f819/attachment.htm 


More information about the funsec mailing list