Information Security News mailing list archives
Pro-Napster Hacker Warns Against Arrest
From: Nelson Murilo <nelson () PANGEIA COM BR>
Date: Fri, 18 Aug 2000 21:14:56 -0300
[http://dailynews.yahoo.com/h/ao/20000818/cr/pro-napster_hacker_warns_against_arrest_1.html] Friday August 18 04:17 PM EDT Pro-Napster Hacker Warns Against Arrest NEW YORK (APBnews.com) -- The alleged "hacktivist" who may have defaced as many as 60 Web sites in the past week with a pro-Napster screed now warns that fellow hackers will unleash widespread cyberattacks if federal authorities attempt to collar any suspects. The hacker goes by the online handle "Pimpshiz" and has posted an e-mail alias on each site that has been defaced. Someone using that alias contacted an APBnews.com reporter and claimed responsibility for the activity. "I'm sure I'll get arrested," Pimpshiz wrote in an e-mail. "Just be aware there will be a huge chain-reaction\aftermath when I get arrested." 'Mass destruction' planned Minutes later another writer, "Ryan," an alleged acquaintance, said in an e-mail message that Pimpshiz should not face criminal penalties. Property hasn't been damaged, Ryan wrote, the defacements merely showed how vulnerable Microsoft operating systems are. "If the FBI arrests Pimpshiz, hundreds of hackers are on standby to cause mass destruction," Ryan warned. No other details of the possible "after-strike" -- such as likely targets or type of attack -- were offered by either writer. Conspiracy charges possible FBI spokeswoman Debra Weierman in Washington said National Infrastructure Protection Center investigators are still looking into the rash of Web site intrusions that allegedly carried Pimpshiz's signature. She said if the warning by Pimpshiz proved true, and further attacks were perpetrated as the result of an eventual arrest, then conspiracy charges could be lumped on top of possible computer fraud and intrusion charges. The defacements appear to have started as early as Aug. 8, with the hacker allegedly replacing the index pages of a strange assortment of Web sites with a rambling message deriding rock band Metallica for filing suit against online music-sharing system Napster. The message stated that Napster has been wrongly targeted by copyright infringement lawsuits that almost shut down the company last month. Claims to be 11-year-old girl In e-mail messages to APBnews.com, Pimpshiz claimed to be a "baggy pants wearing, rap listening" 11-year-old girl -- unusual, if ever proven true, since most hackers and crackers engaged in malicious online activity are teenaged boys. She is not a Napster user, the hacker repeated, but wanted to speak out about a perceived injustice. "I am doing this to show others how I see this matter," Pimpshiz wrote. "I want people to see my perspective." Sites picked at random The hacker wrote that the bizarre choice of victim sites -- which allegedly included a commercial roofing contractor in Palatine, Ill. -- were picked randomly. Pimpshiz claimed to have hacked 60 sites. Four sites operated by King World Productions were temporarily defaced, said company webmaster Nick Roller, including the online presence of TV's Roseanne Barr Show, The Martin Short Show, Inside Edition and its corporate site. Pimpshiz said the King World sites were picked because they are "high-profile." Attrition.org, a hacker news site, lists other victims as including Honda U.K., TDK and 800shoes.com. Exploited Windows bugs When asked by a reporter how access was gained to secure Web servers such as those operated by King World, Pimpshiz replied: "With a vulnerability in IIS 4 and 5.0." Cybersecurity analyst Elias Levy of SecurityFocus.com said that answer doesn't reveal much, but it apparently refers to known bugs in Microsoft's Windows NT Web servers. "There have been a few IIS vulnerabilities recently, but they mostly deal with being able to read the source code to Web scripts," he said. "Nothing that would let you take over the Web site all that easily, unless you found a problem in the script source code." Ray Kaplan, a computer security consultant at Guardent Inc. in St. Paul, Minn., said the defacements appear to be nothing new or original. "It's the same old penetration," he said. "You figure out what software people are running, and go find the exploit and take advantage of it." By James Gordon Meek, an APBnews.com editor. Copyright © 2000 Yahoo! and APB Online. All Rights Reserved. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Pro-Napster Hacker Warns Against Arrest Nelson Murilo (Aug 19)