Hack Attack Weekend?

[ScottMac]

A guy that works in my building, who tends to be a little closer to the shadier side of networking, was telling me that this weekend is s'posed to be a major hack attack / deface the websites event. Something like a hacking competition; the goal being something like the defacing of at least 6000 websites by various groups (to see who can do the most).

The only reason I mention it is that it might be a good time to review the patch / security setting on your sites, tune up the IDS, and make sure your logging is ready to rock .... just in case.

He said it should be happening Sunday.

I haven't done any searches, I haven't seen anything beyond what this guy told me ... but he's always been a good source for me.

I figured I'd pass it along; maybe someone else has heard something, maybe this is a standard rumor ... I don't know.

Regardless, maybe it'd be a good time to tune up the security ...

FWIW

Scott

 

[Saltin]

I heard about this today and found a few articles about it. Since there is a 6 hour time limit to the contest, people are speculating that many/most sites that are going to be defaced have already been rooted.
They also suspect that hosting companies will be hardest hit.

I guess it's worth double checking the hotfixes!

 

[Soybomb]

I think its your usual government/media computer story hype.

I can't find the story at the moment but there was an "official contest page" up for it that was pulled yesterday for violating their hosts TOS. The administrative contact for the domain has an address in the US, but his email address was listed in another domain registered in Hong Kong or something. The typos on the page brought speculation that it was an asian group suggesting it.

Here's the supposed site, looks like it might be coming back up but no info there
http://www.defacers-challenge.com

 

[jonmullen]

Well none the less it never hurts to secure your systems

 

[Soybomb]

Originally posted by: jonmullen
Well none the less it never hurts to secure your systems

True but if you wait until a panic to worry about if you're secure, its just a matter of time until you're hacked anyway.

 

[chsh1ca]

Yeah, heard about this on Monday. ISS released info about it yesterday. Basically just a defacement fest for kids who want to get their own free hosting. Kind of lame IMO. Still, if it will prompt people to patch their boxes, then maybe it is worth it.

 

[Chumpman]

Sounds more like "Script Kiddies Unite" than "defacers challenge" ...

 

[Barnaby W. Füi]

Originally posted by: Chumpman
Sounds more like "Script Kiddies Unite" than "defacers challenge" ...

A website defacer is somehow better than a script kiddie?

 

[Chumpman]

Originally posted by: BingBongWongFooey

Originally posted by: Chumpman
Sounds more like "Script Kiddies Unite" than "defacers challenge" ...

A website defacer is somehow better than a script kiddie?

haha

 

[AEB]

i like it because it will show that any OS has vulnerability not just main stream ones

 

[ScottMac]

Well, since most of the "tools" are written for the Operating Systems and Web Engines that are most prevelent / most easily exploited, you can pretty much bet that it'll be pretty much a Microsoft / IIS and a poorly implemented *nix / Apache / WU FTP ballgame.

There aren't enough Apple servers online to make it worthwhile to go looking for 'em.

As mentioned earlier, 6000+ servers in 6 hours ... chances are the bad guys already have a stable of rooted systems to hit.

FWIW

Scott