• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Dan Kaminsky & Kevin Mitnick Hacked

August 3, 2009

Views: 19,637

[ad]

If any of you follow the mailings lists or the ‘scene’ as it’s known, you’d be familiar with PHC, Phrack, Gobbles, ~el8, Silvio, gayh1tler and the whole Whitehat Holocaust AKA pr0j3kt m4yh3m. (Back when it went public).

The war against whitehats has started up again more vehemently recently with zine known as zero for owned or ZFO.

The latest edition has just hit the streets with some really high profile hacks this time and a HUGE amount of information disclosure. They don’t release any exploits or code, but they do point out sections of certain apps that may be vulnerable. It’s an interesting read, especially the commentary.

You can find the full zf05.txt issue here:

zf05.txt – be warned it’s a 29,000 line text file.

The highest profile hacks must be of Mitnick and Kaminsky, as of now doxpara.com is still down.

Two noted security professionals were targeted this week by hackers who broke into their web pages, stole personal data and posted it online on the eve of the Black Hat security conference.

Security researcher Dan Kaminsky and former hacker Kevin Mitnick were targeted because of their high profiles, and because the intruders consider the two notables to be posers who hype themselves and do little to increase security, according to a note the hackers posted in a file left on Kaminsky’s site.

The files taken from Kaminsky’s server included private e-mails between Kaminisky and other security researchers, highly personal chat logs, and a list of files he has purportedly downloaded that pertain to dating and other topics.

No one has ANY idea how long they’ve owned these boxes and been up your mailspoolz. Are they watching you, have they owned your box? If you’re a ‘notable’ whitehat, you speak at conferences and market yourself like a whore.

Most likely yes they are up in your shit.

One day they will rm -rf it and publish all your e-mails in the next edition of zfo zine.

The hacks also targeted other security professionals, and were apparently timed to coincide with the Black Hat and DefCon security conference in Las Vegas this week, where Kaminsky is unveiling new research on digital certificates and hash collisions.

Kaminsky made headlines last year for his Black Hat talk about vulnerabilities in the Domain Name System. He was accused by many in the security community of hyping the issue after he teased the topic in a press conference call a month before his talk without revealing details of the vulnerability, leading everyone to speculate on the nature of it. He was presented with a Pwnie award for Most Overhyped Bug and for “owning” the media.

The hackers criticized Mitnick and Kaminsky for using insecure blogging and hosting services to publish their sites, that allowed the hackers to gain easy access to their data.

Pretty scary stuff, considered all these self-proclaimed experts are having their own sites hacked. What hope do the rest of us mere mortals have?

Little to none, as always a skilled persistent attacker will ALWAYS get in.

A bunch of others got pwned too including hak5, Robert Lemos, Blackhat Forums, PerlMonks, Elite Hackers and BinRev (Binary Revolution).

Source: Wired (Thanks Navin)

Share
Tweet2
Share
Buffer
WhatsApp
Email
2 Shares

Filed Under: Exploits/Vulnerabilities, Hacking News Tagged With: dan-kaminsky, hacked



Reader Interactions

Comments

  1. Friedbeef says

    August 3, 2009 at 11:34 am

    You’re right…. what hope do we have if Mitnick is hackable?

  2. GZero says

    August 3, 2009 at 12:22 pm

    Mr Mitnick was at least sensible enough to keep personal info off his web facing servers. Our dear friend Dan Kaminsky was less well prepared.

    Every host hacked was running WordPress in some form or another. Funny hey.

  3. cbrp1r8 says

    August 3, 2009 at 1:19 pm

    lol, wordpress sploits….pfft, dime a dozen there…

    course the only safe computer is the one which is not connected… :D

  4. Navin says

    August 3, 2009 at 2:31 pm

    Just quoting from the text file:
    Dan Kaminsky is a noob. This guy does not know the first thing about security. His boxes were a crazy combination of half-updated shit, half-removed shit, half-installed shit, half-configured shit. The lack of things working properly actually blocked a bit of 0day. But Dan, do not go selling that as some kind of advanced defense – you provided us with plenty of local holes to exploit and root.

    Dan is a selfish jerkoff who is hated by the security industry and the
    underground alike. He’s fat and ugly in a way that only Gadi Evron could love. Is that hairy ass picture yours or ccg’s? Do we want to know?

    When Dan made a huge stink about DNS flaws about a year ago (July 2008) we knew we had to own him sooner or later. So we did. Him and his little whitehat bitch friends too.

    Dan cannot even administer a box, let alone preach security. He lacks all real legitimacy because he only hunts for flashy bugs that he can turn into a big story. This guy would be the least important character in any real security organization, the fatass past his prime (did Dan have a prime?) who obsesses over areas that no-one else wants to touch just so he can find a niche and avoid getting let go.

    One more thing: They claim they got Mitnick through his own game….. SOCIAL ENGINEERING!! That has to be the icing on the cake!!

    ZFO FTW!!

  5. Black of Hat says

    August 4, 2009 at 5:26 am

    So who is this Zero For Owned group? I have read two of their zines. But there seems to be a lack of information about the group itself. Surely they can’t be that well hideen underground.

  6. Sploo says

    August 4, 2009 at 5:52 am

    Yes, i believe they CAN be that hidden.

  7. SpiderM@N says

    August 4, 2009 at 2:57 pm

  8. null says

    August 4, 2009 at 3:39 pm

    can “they” hack a pfsense or openbsd router without open ports? just for web surfing, without servers listening?
    this is not a chalenge, it is just a question…

  9. katphyte says

    August 4, 2009 at 7:53 pm

    This just validates the fact that if you want something to stay secure, don’t ever put it on the web. And it’s more than just a little freaky when you think about the fact that the h ackers behind it probably did it just to see if they could. So what would a malicious attacker who is out for blood do?

    I’ll be the first one to say that no matter how much you know, there’s someone out there who knows more. Too much confidence in yourself can make you forget that you’re really just as vulnerable as the next person.

  10. lol @ null says

    August 4, 2009 at 10:36 pm

    @ null
    if the server does not accept connections on any ports. then no.

  11. Jeff Price says

    August 5, 2009 at 4:42 pm

    Is that really all that impressive? Mitnick’s strong points were Social Engineering and Buffer Overflows. Does it really surprise you? This isn’t the first time he’s been hacked. Hes even said too that there if no fool proof security, repeatedly in his books.

  12. id says

    August 8, 2009 at 9:50 pm

    “No one has ANY idea how long they

  13. Morgan Storey says

    August 10, 2009 at 8:04 am

    @Null: there could still be an 0-day in something you are using or the easiest target you, they could simply social engineer you to go to a site that drive by downloads something that then makes a connection out to them through your pfsense firewall. Nothing is unhackable, even un connected boxes have theoretical hacks bury it in concrete or destory it if you don’t want it to leak.

  14. Bogwitch says

    August 11, 2009 at 11:40 am

    I’ve got to agree with Morgan on this one. By far the easiest way to get behind a firewall is to abuse the wetware – the human – behind it. Either by redirecting to a malicious site or emailing a custom trojan.

    There is always the possibility to find a o-day in the firewall, where a malformed packet causes the firewall to barf and fall over in an open state, but that’s pretty unlikely, the leaks are usually from within.

    Also, there is the risk of information leaking from your system via other channels, assuming it’s worth an attackers effort – Google ‘tempest’

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 286

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

AI-Powered Cybercrime in 2025 - The Dark Web’s New Arms Race

AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Views: 493

In 2025, the dark web isn't just a marketplace for illicit goods—it's a development lab. … ...More about AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Upload_Bypass - Bypass Upload Restrictions During Penetration Testing

Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Views: 490

Upload_Bypass is a command-line tool that automates discovering and exploiting weak file upload … ...More about Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Shell3r - Powerful Shellcode Obfuscator for Offensive Security

Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Views: 690

If antivirus and EDR vendors are getting smarter, so are the tools that red teamers and penetration … ...More about Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

Views: 8,475

Introduction: How Much of the Internet Can You See? You're only scratching the surface when you … ...More about Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

DataSurgeon is an open-source Linux-based data extraction and transformation tool designed for forensic investigations and recovery scenarios.

DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux

Views: 469

DataSurgeon is an open-source Linux-based data extraction and transformation tool designed for … ...More about DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (227)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (229)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (73)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (233)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,291,659)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,069)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,614)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,675)
  • Password List Download Best Word List – Most Common Passwords (933,462)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,130)
  • Hack Tools/Exploits (673,286)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,143)

Search

Recent Posts

  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025
  • AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race May 7, 2025
  • Upload_Bypass – Bypass Upload Restrictions During Penetration Testing May 5, 2025
  • Shell3r – Powerful Shellcode Obfuscator for Offensive Security May 2, 2025
  • Understanding the Deep Web, Dark Web, and Darknet (2025 Guide) April 30, 2025
  • DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux April 28, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy