Home

mass hack

Pigs fly... oh, and another 0-day ... ho hum

By secgeeks - Posted on January 13th, 2008
Tagged:  
0
vote

Hi folks,

In a previous entry I suggested that we'd probably never know how the uc8010.com mass hack occurred unless one of the website victims told us, and that the chances of that were about the same as flying pigs. Guess what ... it turns out that some people do have the right combination of nerve, public spirit, and willingness to share about security matters... so... pigs _can_ fly, and now we know how it happened. I _did_ promise it was off the record, so we can't share it further, but at least we know. Bravo to that person!  read more »

So this is kind of interesting...

By secgeeks - Posted on January 5th, 2008
Tagged:  
0
vote

Hi folks,

This domain uc8010(dot)com was registered just a few days ago (Dec 28), and yet, at one point Google showed script injections pointing to it were showing up on over 70k domains.

So the first point is that this was a pretty good mass-hack, and it wasn't just that they got into a server farm, as the victims were quite diverse, with presumably the only common point being whatever vulnerability they all shared.  read more »

Syndicate content