03 August 2009 | 18,701 views

Dan Kaminsky & Kevin Mitnick Hacked


If any of you follow the mailing lists or the ‘scene’ as it’s known, you’d be familiar with PHC, Phrack, Gobbles, ~el8, Silvio, gayh1tler and the whole Whitehat Holocaust AKA pr0j3kt m4yh3m. (Back when it went public).

The war against whitehats has started up again more vehemently recently with a zine known as Zero for Owned, or ZFO.

The latest edition has just hit the streets with some really high profile hacks this time and a HUGE amount of information disclosure. They don’t release any exploits or code, but they do point out sections of certain apps that may be vulnerable. It’s an interesting read, especially the commentary.

You can find the full zf05.txt issue here:

zf05.txt – be warned it’s a 29,000 line text file.

The highest-profile hacks must be those of Mitnick and Kaminsky; as of now doxpara.com is still down.

Two noted security professionals were targeted this week by hackers who broke into their web pages, stole personal data and posted it online on the eve of the Black Hat security conference.

Security researcher Dan Kaminsky and former hacker Kevin Mitnick were targeted because of their high profiles, and because the intruders consider the two notables to be posers who hype themselves and do little to increase security, according to a note the hackers posted in a file left on Kaminsky’s site.

The files taken from Kaminsky’s server included private e-mails between Kaminsky and other security researchers, highly personal chat logs, and a list of files he has purportedly downloaded that pertain to dating and other topics.

No one has ANY idea how long they’ve owned these boxes and been up your mailspoolz. Are they watching you, have they owned your box? If you’re a ‘notable’ whitehat, you speak at conferences and market yourself like a whore.

Most likely yes they are up in your shit.

One day they will rm -rf it and publish all your e-mails in the next edition of zfo zine.

The hacks also targeted other security professionals, and were apparently timed to coincide with the Black Hat and DefCon security conference in Las Vegas this week, where Kaminsky is unveiling new research on digital certificates and hash collisions.

Kaminsky made headlines last year for his Black Hat talk about vulnerabilities in the Domain Name System. He was accused by many in the security community of hyping the issue after he teased the topic in a press conference call a month before his talk without revealing details of the vulnerability, leading everyone to speculate on the nature of it. He was presented with a Pwnie award for Most Overhyped Bug and for “owning” the media.

The hackers criticized Mitnick and Kaminsky for using insecure blogging and hosting services to publish their sites, that allowed the hackers to gain easy access to their data.

Pretty scary stuff, considering all these self-proclaimed experts are having their own sites hacked. What hope do the rest of us mere mortals have?

Little to none; as always, a skilled, persistent attacker will ALWAYS get in.

A bunch of others got pwned too including hak5, Robert Lemos, Blackhat Forums, PerlMonks, Elite Hackers and BinRev (Binary Revolution).

Source: Wired (Thanks Navin)




14 Responses to “Dan Kaminsky & Kevin Mitnick Hacked”

  1. Friedbeef 3 August 2009 at 11:34 am

    You’re right…. what hope do we have if Mitnick is hackable?

  2. GZero 3 August 2009 at 12:22 pm

    Mr Mitnick was at least sensible enough to keep personal info off his web facing servers. Our dear friend Dan Kaminsky was less well prepared.

    Every host hacked was running WordPress in some form or another. Funny hey.

  3. cbrp1r8 3 August 2009 at 1:19 pm

    lol, wordpress sploits….pfft, dime a dozen there…

    course the only safe computer is the one which is not connected… :D

  4. Navin 3 August 2009 at 2:31 pm

    Just quoting from the text file:
    Dan Kaminsky is a noob. This guy does not know the first thing about security. His boxes were a crazy combination of half-updated shit, half-removed shit, half-installed shit, half-configured shit. The lack of things working properly actually blocked a bit of 0day. But Dan, do not go selling that as some kind of advanced defense – you provided us with plenty of local holes to exploit and root.

    Dan is a selfish jerkoff who is hated by the security industry and the
    underground alike. He’s fat and ugly in a way that only Gadi Evron could love. Is that hairy ass picture yours or ccg’s? Do we want to know?

    When Dan made a huge stink about DNS flaws about a year ago (July 2008) we knew we had to own him sooner or later. So we did. Him and his little whitehat bitch friends too.

    Dan cannot even administer a box, let alone preach security. He lacks all real legitimacy because he only hunts for flashy bugs that he can turn into a big story. This guy would be the least important character in any real security organization, the fatass past his prime (did Dan have a prime?) who obsesses over areas that no-one else wants to touch just so he can find a niche and avoid getting let go.

    One more thing: They claim they got Mitnick through his own game….. SOCIAL ENGINEERING!! That has to be the icing on the cake!!

    ZFO FTW!!

  5. Black of Hat 4 August 2009 at 5:26 am

    So who is this Zero For Owned group? I have read two of their zines. But there seems to be a lack of information about the group itself. Surely they can’t be that well hidden underground.

  6. Sploo 4 August 2009 at 5:52 am

    Yes, I believe they CAN be that hidden.

  7. SpiderM@N 4 August 2009 at 2:57 pm
  8. null 4 August 2009 at 3:39 pm

    can “they” hack a pfsense or openbsd router without open ports? just for web surfing, without servers listening?
    this is not a challenge, it is just a question…

  9. katphyte 4 August 2009 at 7:53 pm

    This just validates the fact that if you want something to stay secure, don’t ever put it on the web. And it’s more than just a little freaky when you think about the fact that the hackers behind it probably did it just to see if they could. So what would a malicious attacker who is out for blood do?

    I’ll be the first one to say that no matter how much you know, there’s someone out there who knows more. Too much confidence in yourself can make you forget that you’re really just as vulnerable as the next person.

  10. lol @ null 4 August 2009 at 10:36 pm

    @ null
    If the server does not accept connections on any ports, then no.

  11. Jeff Price 5 August 2009 at 4:42 pm

    Is that really all that impressive? Mitnick’s strong points were Social Engineering and Buffer Overflows. Does it really surprise you? This isn’t the first time he’s been hacked. He’s even said too that there is no foolproof security, repeatedly in his books.

  12. id 8 August 2009 at 9:50 pm

    “No one has ANY idea how long they

  13. Morgan Storey 10 August 2009 at 8:04 am

    @Null: there could still be a 0-day in something you are using, or the easiest target, you: they could simply social engineer you to go to a site that drive-by downloads something that then makes a connection out to them through your pfsense firewall. Nothing is unhackable, even unconnected boxes have theoretical hacks; bury it in concrete or destroy it if you don’t want it to leak.

  14. Bogwitch 11 August 2009 at 11:40 am

    I’ve got to agree with Morgan on this one. By far the easiest way to get behind a firewall is to abuse the wetware – the human – behind it. Either by redirecting to a malicious site or emailing a custom trojan.

    There is always the possibility to find a 0-day in the firewall, where a malformed packet causes the firewall to barf and fall over in an open state, but that’s pretty unlikely, the leaks are usually from within.

    Also, there is the risk of information leaking from your system via other channels, assuming it’s worth an attacker’s effort – Google ‘tempest’