Download area
Digital attacks
 Attacks archive
 Attack notification
 Internet spam/frauds
Stay tuned
 Infosec pager
 Mailing list subscription
Passive public area
 Stats & Graphs
 Unsuccess stories
Active public area
 Legal corner
 Forum section
 Join Zone-h IRC chat
Zone-H club
 Staff performance
 Meet our staff
 Link to us
 Contact us
 Zone-H e-Shop
 Anti-pedophily campaign
Black or White hat?

IT is Zone-H's contribution to the IT security world. It is a tool for keeping always up to date administrators and ITsec professionals. It's cool. It's free. It's the InfoSec pager.
Mitnick's company website defaced again for political reason (...shhhh! don't tell it to Zone-H!)
SyS64738 admin
Today, February 23rd the website of the company Defensive Thinking belonging to famous hacker Kevin Mitnick has been re-re-re-redefaced. This time for political reasons. /

The hacker DkD[|| after gaining access using a misconfiguration in the website (the same misconfiguration that allowed the previous intrusions) posted a wide pro-Palestine/Chechenia against Sharon/Bush/Putin proclama.

We at Zone-H fighted a little in order to get the mirror of the defacement as somebody at Defensivethinking was continuosly restoring the original main page and blocking the IP of our mirroring robot (like to say, if Zone-H doesn't mirror it, it will get unnoticed... Shhhhh!)

We eventually succeded to get the mirror .

The interesting thing, is that the boys at Defensive Thinking rather that fixing the configuration mistake (at the moment the full server content can be still browsable as an extension of your local directory) they were fighting against our mirrors or against the hacker who was redefacing the mainpage everytime it got fixed.

In an online chat session with DkD[||, he told to Zone-H that there were no personal reasons to attack Mitnick's server. "It's just a very good way to spread my message" declared DkD[||.

Are you wondering how it happened that ta company like Mitnick's one can get defaced so many times in a row? Easy to say! Let's Netcraft

and we will see that they just changed the web hoster, thinking this time to have solved their problem:

OS, Web Server and Hosting History for

OS Server Last changed IP address Netblock Owner

Windows 2000 Microsoft-IIS/5.0 22-Feb-2003 Fuse Internet Access
Windows 2000 Microsoft-IIS/5.0 20-Jan-2003 Nexspace LLC
Windows 2000 Microsoft-IIS/5.0 20-Jan-2003 Nexspace LLC
Linux Apache/1.3.26 (Unix) 16-Jan-2003 Cyberverse Online
Windows 2000 Microsoft-IIS/5.0 1-Oct-2002 Nexspace LLC
Linux Apache/1.3.26 (Unix) 29-Sep-2002 Cyberverse Online

Thing is that the new web hosting company...was vulnerable as the previous one! (credits to friend nick to this info)

Our implacable mirrors are watching you...

Original article: