Slashdot Mirror

← Back to Stories (view on slashdot.org)

Compromised Government and Military Sites For Sale

Posted by Soulskill on from the your-tax-dollars-at-derp dept.

Khopesh writes "Imperva blogged today about the sale of compromised .gov, .mil, and .edu sites, illustrating that cyber-criminals are getting bolder. Krebs on Security has an unredacted view of the site list. Perhaps the biggest threat is yet to come; if an industrious criminal can break into top government and military sites, so too can government-backed teams, proving that GhostNet and Stuxnet are just the beginning."

9 of 51 comments (clear)

  1. Obvious by TaoPhoenix · · Score: 3, Informative

    Wikileaks.mil!

    --
    My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
  2. Cabsec can fix this by ka9dgx · · Score: 4, Interesting

    Capability based security (Cabsec) can provide OS with no exposed vulnerabilities. It's based on an L4 proven microkernel. The only problem is that it's vaporware.

    It doesn't have to be. The parts are starting to fall into place, but the open source community has to be made aware of the fact that it is possible to solve computer security, instead of patching it with layers of band-aids.

    1. Re:Cabsec can fix this by Cyberax · · Score: 3, Informative

      Nope, it won't help.

      Capability-based security omits one liiiiiiiittle detail: initial capability distribution. That's why most (all?) of proves of capability based security omit the initial image set up. That's the case with CoyotOS and other OSes. Or in other words, the question is: should IAmEvilExecutable get CAP_ALL_ACCESS permission if user starts it and grants it this permission?

      Another problem is that if I somehow inject myself into, say, web server then I'll get access to all capabilities granted to this webserver. Which is usually more than enough. The only 'fix' on the horizon for this problem is fully managed code (see: Singularity OS).

  3. Obvious Scam is Obvious by phantomcircuit · · Score: 2, Insightful

    So either they actually have compromised all of those sites, OR they're phishing... hmm I wonder which it could be....

    1. Re:Obvious Scam is Obvious by Anonymous Coward · · Score: 2, Informative

      Here is the google cache of [hack_addicted.pt]'s forum post that shows you how to break into all the sites listed by Srblche by using HA's Online SQLi scanner.

      http://webcache.googleusercontent.com/search?q=cache:XU6t4iPLZLAJ:www.hackforums.net/showthread.php%3Ftid%3D977900+http://www.srblce.com&cd=6&hl=en&ct=clnk&gl=us

      I think the value of those 'hacked sites' just dropped by a few hundred dollars.

  4. Re:Not just .gov by peragrin · · Score: 2, Informative

    Exactly. most of these websites are on random hosted providers anyways.

    Now if they got IRS.GOV I might be concerned.

    --
    i thought once I was found, but it was only a dream.
  5. Disturbing... by Sooner+Boomer · · Score: 3, Interesting

    I don't know which is more worrying - that some of these sites are for sale, or how cheaply they're going for...

    --
    Chaos maximizes locally around me.
  6. This is the hacker's site: by Anonymous Coward · · Score: 3, Informative

    The hacker's site is http://www.sbrlche.com/.

    Quite easily googleable from the phrases in the screenshots!

  7. Spamvertising, internal trust by Khopesh · · Score: 2

    TLDs like .gov and .edu get a massive multiplier in Google's PageRank. Spamvertising effectiveness is therefore amplified in kind.

    On a more alarming note, the system may have been blessed in some manner that might make it useful as a launching point for attacking a more important site which might implicitly trust the hacked server due to its ownership or similar relationships. The most sensitive systems are completely firewalled and therefore inaccessible from the outside, and these systems might extend a level of trust to servers like those for sale on this list. Of course, that might be one of the reasons those servers were hacked and are being turned around for sale at so low a price (i.e. they don't grant such access, so the crackers are flipping them).

    --
    Use my userscript to add story images to Slashdot. There's no going back.