The story around the Linode hack

Comments

  • Interesting. Let's see if they release the files or not.

  • Linode were hacked again?

  • @MrAndroid said: Linode were hacked again?

    This is about last month's hack.

  • rds100 Member

    So what were the hackers after, some IRC network?
    Why do these guys have to write so confusing...

  • @rds100 said: Why do these guys have to write so confusing...

    I had to read it twice as well.

    Anyway, for what I get, if the FBI hadn't gotten involved, all of the hacker's Linode data would have (supposedly) been shredded. They were not after Linode data, but after SwiftIRC. They now say they will release domain registrar data.

  • Apparently one of HTP5 got banned from SwiftIRC, probably some online game feud between players LOL, and wanted revenge, so HTP5 went after SwiftIRC, which is hosted on Linode, you get the picture.

    Sounds like some script kiddies with a liveCD.

  • 24khost Member

    Well, they hacked one of their own who had been flipped by the FBI.

  • imperio Member

    tl;dr ?

  • rds100 Member

    @kandosan said: went after SwiftIRC which is hosted on linode

    So wouldn't it be much easier to just send a short DoS toward this IRC thing, then Linode nullroutes it for 24 hours? Not that I am advocating DoS, but why was all this needed?

  • TL;DR:

    Hackers tried hacking an IRC network and ended up cracking the entire Linode open. They deleted all CC and other info when Linode made a press message about the hack, obviously so that people won't trust that ripoff anymore.

  • dnwk Member

    what is HTP?

  • sdotsen Member

    @dnwk said: what is HTP?

    Hack the Planet

  • jar Patron Provider, Top Host, Veteran

    First paragraph and I already feel like I'm reading the rantings of a high school dropout who never realized that life doesn't have to be so dramatic. This should be fun.

  • Mun Member

    @jarland said: First paragraph and I already feel like I'm reading the rantings of a high school dropout who never realized that life doesn't have to be so dramatic. This should be fun.

    LOL

  • Derek Member

    @jarland said: First paragraph and I already feel like I'm reading the rantings of a high school dropout who never realized that life doesn't have to be so dramatic. This should be fun.

    +1

  • mnpeep Member

    @jarland said: First paragraph and I already feel like I'm reading the rantings of a high school dropout who never realized that life doesn't have to be so dramatic. This should be fun.

    Shhh... don't want to piss him/her off.

  • HTP are by no means some kiddy hackers whining about getting banned on gameservers or so.

    tl;dr: They wanted to get into the IRC channel of an impersonator group, couldn't hack the IRC server. So they decided to hack the hoster of the IRC server and then use the recovery console to access the IRC server. Couldn't hack the hoster (Linode).

    So they decided to hack name.com and planned to MITM Linode in order to hack it. Someone from their group found a 0day in ColdFusion (which Linode uses) before they could carry out the MITM plan so they used the 0day instead to hack Linode.

    FBI got mad, Linode had to tell people about the hack, plan to get into the IRC server failed.

  • dnwk Member

    @sdotsen said: Hack the Planet

    And what's that used for?

  • dnwk Member
    edited May 2013

    @gsrdgrdghd said: HTP are by no means some kiddy hackers whining about getting banned on gameservers or so.

    > tl;dr: They wanted to get into the IRC channel of an impersonator group, couldn't hack the IRC server. So they decided to hack the hoster of the IRC server and then use the recovery console to access the IRC server. Couldn't hack the hoster (Linode)
    >
    > So they decided to hack name.com and planned to MITM Linode in order to hack it. Someone from their group found a 0day in ColdFusion (which Linode uses) before they could carry out the MITM plan so they used the 0day instead to hack Linode.
    >
    > FBI got mad, Linode had to tell people about the hack, plan to get into the IRC server failed.

    That's a really good summary of the episode

  • @gsrdgrdghd said: plan to get into the IRC server failed.

    Noobs.

  • dnwk Member

    Takeaway from the story: choose your name registry wisely or be your own registry.

  • unused Member

    the name.com db schema gives a lot of confidence - love the _old tables

  • rds100 Member

    Something still sounds strange here. Does Linode allow hosting IRC servers with them?
    Considering the drama with LEB/LET when they were hosted at Linode...

  • jar Patron Provider, Top Host, Veteran
    edited May 2013

    @gsrdgrdghd said: by no means some kiddy hackers

    @dnwk said: They wanted to get into the IRC channel of an impersonator group

    So they were crying like little babies that someone was using their cute little online alias and decided to make a bunch of clients of Linode (an unrelated entity) potential victims of their little temper tantrum. Am I summarizing that correctly?

    Found this picture of their leader:
    [image]

    @mnpeep said: Shhh... don't want to piss him/her off.

    Tell them to meet me at my front door. I don't fight fair ;)

  • mnpeep Member

    @jarland said: Tell them to meet me at my front door. I don't fight fair ;)

    Do you live at 10880 Malibu Point, Malibu CA, 90265? :)

  • bigcat Member
    edited May 2013

    I read again and again but don't understand the whole story. So here's some understandable explanation from HN...

    Here's an attempt at an explanation/translation:

    HTP ("Hack The Planet") is a group that likes to break into things. Another (unnamed) group of people impersonated a third group of people ("ac1db1tch3z") and tried to cause trouble for HTP.

    The impersonators located HTP by examining one of HTP's botnets (a collection of compromised computers that are used to launch things like denial of service attacks). Botnets have to receive instructions (e.g., targets to attack) from somewhere, so it's likely that the impersonators followed the path taken by commands to the botnet, and found the network(s) that HTP uses to organize themselves.

    HTP realized this, and wanted to get back at the impersonators. They found out that the impersonators used an IRC channel (chat room) hosted on a network called SwiftIRC. If HTP could break into SwiftIRC (which is hosted on Linode), they could cause all sorts of trouble for the impersonators. So HTP decided to break into Linode, so they could break into SwiftIRC, so they could break into the group of impersonators.

    To break into Linode, HTP broke into their domain name registrar (name.com). They planned to secretly take control of linode.com, and replace it with a version of linode.com that would look and feel and work correctly, but had one additional feature -- it would collect the login information that people typed in. HTP probably hoped to gain the login for SwiftIRC directly, or collect the logins for Linode admins and obtain SwiftIRC's login from there.

    But, before they enacted the domain takeover (a maneuver that would likely be somewhat difficult to employ without being noticed), an HTP member discovered a new vulnerability in ColdFusion, the server software used by Linode. The ability to discover a new exploit on demand implies a high level of skill within the group. Using this exploit, HTP obtained direct access to Linode. They proceeded to gain access to SwiftIRC, as well as other sites hosted on Linode, including a well-known security site, nmap.org.

    The FBI apparently had a mole in HTP, and they alerted Linode that HTP had access to nmap.org. This posed a bit of a problem for HTP: if it became public knowledge that they had obtained access to Linode, then perhaps they wouldn't have time to go after the impersonators using their newfound access to SwiftIRC. So, HTP tried to strong-arm Linode into staying quiet until May 1st. HTP had obtained the customer information and credit cards of all the Linode customers. HTP threatened to widely publish all this sensitive information if Linode didn't stay quiet. If Linode complied, then HTP would just delete all the info.

    Linode, though, was forced by the FBI to announce that they'd been broken into. HTP told Linode to just publicly acknowledge that HTP was the group that broke into Linode, and they'd delete the sensitive info. Linode did so (https://blog.linode.com/2013/04/16/security-incident-update/).

    HTP conducted an internal investigation to determine which group member(s) were working with the FBI. HTP broke into the mole's computer and turned on their webcam, and saw an FBI employee looking over the shoulder of the mole. They kicked the mole out of the group, so the FBI doesn't have access to HTP anymore.

    (Remember, this is the story according to HTP.)

  • DNS Resolution Error

    You've requested a page on a website (www.hack-the-planet.tv) that is on the CloudFlare network. Unfortunately, CloudFlare is currently unable to resolve your requested domain (www.hack-the-planet.tv). There are two potential causes of this:

  • William Member

    Probably domain disabled by registrar.

  • nutjob Member
    edited May 2013

    @bigcat said: (Remember, this is the story according to HTP.)

    Sounds like the biggest load of teenage fantasy bullshit I've ever read. The last paragraph is particularly pathetic.
