Dan Kaminsky & Kevin Mitnick Hacked

If any of you follow the mailings lists or the ‘scene’ as it’s known, you’d be familiar with PHC, Phrack, Gobbles, ~el8, Silvio, gayh1tler and the whole Whitehat Holocaust AKA pr0j3kt m4yh3m. (Back when it went public).

The war against whitehats has started up again more vehemently recently with zine known as zero for owned or ZFO.

The latest edition has just hit the streets with some really high profile hacks this time and a HUGE amount of information disclosure. They don’t release any exploits or code, but they do point out sections of certain apps that may be vulnerable. It’s an interesting read, especially the commentary.

You can find the full zf05.txt issue here:

zf05.txt – be warned it’s a 29,000 line text file.

The highest profile hacks must be of Mitnick and Kaminsky, as of now doxpara.com is still down.

Two noted security professionals were targeted this week by hackers who broke into their web pages, stole personal data and posted it online on the eve of the Black Hat security conference.

Security researcher Dan Kaminsky and former hacker Kevin Mitnick were targeted because of their high profiles, and because the intruders consider the two notables to be posers who hype themselves and do little to increase security, according to a note the hackers posted in a file left on Kaminsky’s site.

The files taken from Kaminsky’s server included private e-mails between Kaminisky and other security researchers, highly personal chat logs, and a list of files he has purportedly downloaded that pertain to dating and other topics.

No one has ANY idea how long they’ve owned these boxes and been up your mailspoolz. Are they watching you, have they owned your box? If you’re a ‘notable’ whitehat, you speak at conferences and market yourself like a whore.

Most likely yes they are up in your shit.

One day they will rm -rf it and publish all your e-mails in the next edition of zfo zine.

The hacks also targeted other security professionals, and were apparently timed to coincide with the Black Hat and DefCon security conference in Las Vegas this week, where Kaminsky is unveiling new research on digital certificates and hash collisions.

Kaminsky made headlines last year for his Black Hat talk about vulnerabilities in the Domain Name System. He was accused by many in the security community of hyping the issue after he teased the topic in a press conference call a month before his talk without revealing details of the vulnerability, leading everyone to speculate on the nature of it. He was presented with a Pwnie award for Most Overhyped Bug and for “owning” the media.

The hackers criticized Mitnick and Kaminsky for using insecure blogging and hosting services to publish their sites, that allowed the hackers to gain easy access to their data.

Pretty scary stuff, considered all these self-proclaimed experts are having their own sites hacked. What hope do the rest of us mere mortals have?

Little to none, as always a skilled persistent attacker will ALWAYS get in.

A bunch of others got pwned too including hak5, Robert Lemos, Blackhat Forums, PerlMonks, Elite Hackers and BinRev (Binary Revolution).

Source: Wired (Thanks Navin)

Posted in: Exploits/Vulnerabilities, Hacking News


Latest Posts:

Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.

14 Responses to Dan Kaminsky & Kevin Mitnick Hacked

  1. Friedbeef August 3, 2009 at 11:34 am #

    You’re right…. what hope do we have if Mitnick is hackable?

  2. GZero August 3, 2009 at 12:22 pm #

    Mr Mitnick was at least sensible enough to keep personal info off his web facing servers. Our dear friend Dan Kaminsky was less well prepared.

    Every host hacked was running WordPress in some form or another. Funny hey.

  3. cbrp1r8 August 3, 2009 at 1:19 pm #

    lol, wordpress sploits….pfft, dime a dozen there…

    course the only safe computer is the one which is not connected… :D

  4. Navin August 3, 2009 at 2:31 pm #

    Just quoting from the text file:
    Dan Kaminsky is a noob. This guy does not know the first thing about security. His boxes were a crazy combination of half-updated shit, half-removed shit, half-installed shit, half-configured shit. The lack of things working properly actually blocked a bit of 0day. But Dan, do not go selling that as some kind of advanced defense – you provided us with plenty of local holes to exploit and root.

    Dan is a selfish jerkoff who is hated by the security industry and the
    underground alike. He’s fat and ugly in a way that only Gadi Evron could love. Is that hairy ass picture yours or ccg’s? Do we want to know?

    When Dan made a huge stink about DNS flaws about a year ago (July 2008) we knew we had to own him sooner or later. So we did. Him and his little whitehat bitch friends too.

    Dan cannot even administer a box, let alone preach security. He lacks all real legitimacy because he only hunts for flashy bugs that he can turn into a big story. This guy would be the least important character in any real security organization, the fatass past his prime (did Dan have a prime?) who obsesses over areas that no-one else wants to touch just so he can find a niche and avoid getting let go.

    One more thing: They claim they got Mitnick through his own game….. SOCIAL ENGINEERING!! That has to be the icing on the cake!!

    ZFO FTW!!

  5. Black of Hat August 4, 2009 at 5:26 am #

    So who is this Zero For Owned group? I have read two of their zines. But there seems to be a lack of information about the group itself. Surely they can’t be that well hideen underground.

  6. Sploo August 4, 2009 at 5:52 am #

    Yes, i believe they CAN be that hidden.

  7. SpiderM@N August 4, 2009 at 2:57 pm #
  8. null August 4, 2009 at 3:39 pm #

    can “they” hack a pfsense or openbsd router without open ports? just for web surfing, without servers listening?
    this is not a chalenge, it is just a question…

  9. katphyte August 4, 2009 at 7:53 pm #

    This just validates the fact that if you want something to stay secure, don’t ever put it on the web. And it’s more than just a little freaky when you think about the fact that the h ackers behind it probably did it just to see if they could. So what would a malicious attacker who is out for blood do?

    I’ll be the first one to say that no matter how much you know, there’s someone out there who knows more. Too much confidence in yourself can make you forget that you’re really just as vulnerable as the next person.

  10. lol @ null August 4, 2009 at 10:36 pm #

    @ null
    if the server does not accept connections on any ports. then no.

  11. Jeff Price August 5, 2009 at 4:42 pm #

    Is that really all that impressive? Mitnick’s strong points were Social Engineering and Buffer Overflows. Does it really surprise you? This isn’t the first time he’s been hacked. Hes even said too that there if no fool proof security, repeatedly in his books.

  12. id August 8, 2009 at 9:50 pm #

    “No one has ANY idea how long they

  13. Morgan Storey August 10, 2009 at 8:04 am #

    @Null: there could still be an 0-day in something you are using or the easiest target you, they could simply social engineer you to go to a site that drive by downloads something that then makes a connection out to them through your pfsense firewall. Nothing is unhackable, even un connected boxes have theoretical hacks bury it in concrete or destory it if you don’t want it to leak.

  14. Bogwitch August 11, 2009 at 11:40 am #

    I’ve got to agree with Morgan on this one. By far the easiest way to get behind a firewall is to abuse the wetware – the human – behind it. Either by redirecting to a malicious site or emailing a custom trojan.

    There is always the possibility to find a o-day in the firewall, where a malformed packet causes the firewall to barf and fall over in an open state, but that’s pretty unlikely, the leaks are usually from within.

    Also, there is the risk of information leaking from your system via other channels, assuming it’s worth an attackers effort – Google ‘tempest’