[funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation

[Dragos Ruiu]

On 29-Jul-08, at 10:01 PM, Paul Ferguson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Via PC World (IDG).
>
> [snip]
>
> HD Moore has been owned.
>
> That's hacker talk, meaning that Moore, the creator of the popular
> Metasploit hacking toolkit has become the victim of a computer attack.
>
> It happened on Tuesday morning, when Moore's company, BreakingPoint  
> had
> some of its Internet traffic redirected to a fake Google page that was
> being run by a scammer. According to Moore, the hacker was able to  
> do this
> by launching what's known as a cache poisoning attack on a DNS  
> server on
> AT&T's network that was serving the Austin, Texas area. One of
> BreakingPoint's servers was forwarding DNS (Domain Name System)  
> traffic to
> the AT&T server, so when it was compromised, so was HD Moore's  
> company.
>
> When Moore tried to visit Google.com, he was actually redirected to  
> a fake
> page that served up a Google page in one HTML frame along with three  
> other
> pages designed to automatically click on advertisements.
>
> [snip]
>
> More:
> http://www.pcworld.com/article/149126/2008/07/.html
>
> - - ferg
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFIj/Wrq1pz9mNUZTMRAmAhAJ9lT5hosH5xBOWOsTFArDsw1MGN1ACg+wQR
> a12h7wcZ9hy0JN2DtHkuZGo=
> =Wv/X
> -----END PGP SIGNATURE-----
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20080730/e61dccff/attachment.htm