Compromised Government and Military Sites For Sale
Khopesh writes "Imperva blogged today about the sale of compromised .gov, .mil, and .edu sites, illustrating that cyber-criminals are getting bolder. Krebs on Security has an unredacted view of the site list. Perhaps the biggest threat is yet to come; if an industrious criminal can break into top government and military sites, so too can government-backed teams, proving that GhostNet and Stuxnet are just the beginning."
Wikileaks.mil!
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Exactly. Most of these websites are on random hosted providers anyways.
Now if they got IRS.GOV I might be concerned.
I thought once I was found, but it was only a dream.
Nope, it won't help.
Capability-based security omits one liiiiiiiittle detail: initial capability distribution. That's why most (all?) of the proofs of capability-based security omit the initial image setup. That's the case with Coyotos and other OSes. Or in other words, the question is: should IAmEvilExecutable get CAP_ALL_ACCESS permission if the user starts it and grants it this permission?
Another problem is that if I somehow inject myself into, say, a web server, then I'll get access to all capabilities granted to this web server. Which is usually more than enough. The only 'fix' on the horizon for this problem is fully managed code (see: Singularity OS).
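An added illustration of the two points in the comment above (not code from the comment or from any capability OS): a toy Python model in which the initial grant is an explicit policy, and code running inside the web server gets exactly what that grant contains. `Cap`, `WebServer`, `probe`, the resource names and both policies are hypothetical.

```python
# Toy model only: Python is not capability-safe, so this models who holds
# which reference, not real enforcement. All names and data are constructed.

class Cap:
    """Reference to one resource in `store`, carrying a fixed set of rights."""
    def __init__(self, store, name, rights):
        self._store, self._name, self._rights = store, name, frozenset(rights)
    def _need(self, right):
        if right not in self._rights:
            raise PermissionError(f"no '{right}' right on {self._name}")
    def read(self):
        self._need("r")
        return self._store[self._name]
    def write(self, data):
        self._need("w")
        self._store[self._name] = data

def initial_distribution(store, policy):
    """The startup step: decides what authority a component begins with."""
    return {name: Cap(store, name, rights) for name, rights in policy.items()}

class WebServer:
    def __init__(self, caps):
        self.caps = caps  # everything granted at startup
    def handle(self, code):
        # Code running inside the server, injected or not, acts with
        # exactly the capabilities the server holds.
        return code(self.caps)

def probe(caps):
    """Stand-in for injected code: attempt every operation on every held cap."""
    gained = {}
    for name, cap in caps.items():
        gained[name] = ""
        for op, attempt in (("r", cap.read), ("w", lambda c=cap: c.write("tampered"))):
            try:
                attempt()
                gained[name] += op
            except PermissionError:
                pass
    return gained

def blast_radius(policy):
    """Return (operations the injected code achieved, store afterwards)."""
    store = {"pages": "<html>", "users_db": "alice:hash", "tls_key": "KEY"}
    server = WebServer(initial_distribution(store, policy))
    return server.handle(probe), store

BROAD = {"pages": "rw", "users_db": "rw", "tls_key": "r"}
NARROW = {"pages": "r"}
```

Comparing `blast_radius(BROAD)` with `blast_radius(NARROW)` shows that nothing inside `Cap` changes between the two runs; only the policy handed to `initial_distribution` does.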
Here is the Google cache of [hack_addicted.pt]'s forum post that shows you how to break into all the sites listed by Srblche by using HA's Online SQLi scanner.
http://webcache.googleusercontent.com/search?q=cache:XU6t4iPLZLAJ:www.hackforums.net/showthread.php%3Ftid%3D977900+http://www.srblce.com&cd=6&hl=en&ct=clnk&gl=us
I think the value of those 'hacked sites' just dropped by a few hundred dollars.
The hacker's site is http://www.sbrlche.com/.
Quite easily googleable from the phrases in the screenshots!