Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Google-another victim of ugnazi.

Google-another victim of ugnazi.

TazTaz Disabled
edited June 2012 in General

UGNazi Hijacks Google.com Domain June 14, 2012 – In a most bold move, the hacker group UGNazi hijacked the Google.com domain on June 11th, redirecting administrative ownership to one of the member's Gmail account [email protected] Had UGNazi wanted to, they could have interrupted all services that Google.com supports including the company's flagship search engine offering. UGNazi members successfully socially engineered their way to administrative control of Google.com by manipulating Google's registrar MarkMonitor. Mark Monitor is a brand protection organization whose services include Domain Management. In a statement UGNazi said the following: "So, Today, we are releasing our statement on that no one on the Internet is safe from UGNazi. On June 11th we gained access to Google's MarkMonitor account. Our email address, [email protected], was successfully updated on Google's Mark-Monitor Account. The agent that helped us reset the account should get some what of credit, she helped us a lot on resetting Google's MarkMonitor account :)." "P.S. Google, i suggest you move to a more secure registrar, but then again, we are Social Engineering Gods. So, this just goes to show, even Google can be Social Engineered." UGNazi also released a screenshot of an Account Change Request email from MarkMonitor that confirms UGNazi's claims. There has been no statement from either MarkMonitor or Google at this time. http://www.batblue.com/page.php?104#UGNazi_Google

Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

Thanked by 4Chief Liam klikli Jack

Comments

  • CoreyCorey Member

    Wow - that was pretty bad A - why didn't they monetize that?

    BitAccel - OpenVZ VPS / IRC,VPN,Anything Legal & Unrivaled Support!
  • TazTaz Disabled

    They want to join Anonymous ( ethical hacker) so I guess that was the reason?

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • netomxnetomx Member

    Wow, wtf with this new guys, hostGator and now Mark Monitor?! If I were Google, I would change them immediatly.

  • TazTaz Disabled

    I bet too. I believe and that google monitors everything. I think providers need to be a bit more careful (WHMCS and Google in both case) to who they are giving their clients informations to. (Valid photo id and utility bill should be a requirement I think).

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • gsrdgrdghdgsrdgrdghd Member without signature

    Now that looks like too much of a high profile operation against a company with too much capital. They gonna get fucked.

  • raindog308raindog308 Member
    edited June 2012

    @NinjaHawk said: They want to join Anonymous ( ethical hacker

    There is nothing ethical about Anonymous skiddies.

    No doubt there will be some lame justification offered for this attack, as they did in their whmcs attack. The real purpose is teenage "look at me!" silliness.

    My Advice: : VPS Advice
  • AdamAdam Member

    MarkMonitor: Let me see your identification. UGNazi: [with a small wave of his hand] You don't need to see his identification. MarkMonitor: We don't need to see his identification.

    ...

    UGNazi: He can go about his business. MarkMonitor: You can go about your business. UGNazi: Move along. MarkMonitor: Move along... move along.

    Thanked by 3klikli Jar Nick_A
  • all this social "hack" remember me the war games movie :-)

    IperWeb & Prometeus, Hosting Provider since 1997. iwStack cloud infrastructure
  • netomxnetomx Member
    < title >MarkMonitor | Brand Protection, Domain Management, Anti Piracy, Anti Frau< / title > 

    LOL

  • AdamAdam Member
    edited June 2012

    @prometeus

    I blame David (Broderick) for 'Red Dawn' happening :-P

    EDIT: HAHAHA! They're remaking Red Dawn with the plot "A group of teenagers look to save their town from an invasion of North Korean soldiers."... And the award for racist movie of the year has been won!

    http://www.imdb.com/title/tt1234719/

    ^ Was originally "China" invading, but changed it

  • KuJoeKuJoe Member
    edited June 2012

    So, this just goes to show, even Google can be Social Engineered.

    How in the world do they not know the definition of social engineering when they are apparently always using it?

    Also, they need to social engineer an editor or a high school English class.

    -Joe @ SecureDragon - LEB's Powered by Wyvern in FL, CO, CA, IL, NJ, GA, TX, and AZ
    Test our network here: Drgn.biz
  • @KuJoe said: How in the world do they not know the definition of social engineering when they are apparently always using it?

    Because they think their epic h4ck3rs when all they do is use social engineering.

    Daniel.

  • if this is true I am surprised it isnt more in the public domain news.bbc.co.uk

  • joepie91joepie91 Member
    edited June 2012

    I'm calling bullshit on this one.

    1. Anyone can fake a screenshot with developer tools in any modern browser.
    2. Would MarkMonitor really send out an e-mail with such mediocre English - that looks suspiciously much like the writing style of UGNazi itself?
    3. Why would they have changed the e-mail address and then not do anything with the domain whatsoever?
    4. Do you really think that MarkMonitor would let such a change go through, and then not sound the alarm bells when the contact e-mail is changed to some random GMail address?
    5. Why has there not been a statement from either Google or MarkMonitor, not even one denying it?

    @NinjaHawk said: Anonymous ( ethical hacker)

    @raindog308 said: There is nothing ethical about Anonymous skiddies.

    I can't believe I still have to explain this, but Anonymous is not one coherent group of people with certain goals or ideologies, there are no universal goals, ideologies, or tactics. Period. No exceptions. No, Anonymous is not universally for internet freedom. No, Anonymous is not universally skiddie-oriented. That some people shout the loudest does not mean they are representative.

    Please stop trying to find a way to 'group' or 'label' Anonymous, the only thing it does is make you look silly. You're looking for a definition that does not exist.

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • KuJoeKuJoe Member
    edited June 2012

    @joepie91 In the court of public opinion Anonymous has already been grouped and labeled by the media, IT professionals, and the public (both educated and uneducated). At this point the collective known as Anonymous has been tarnished beyond repair like the title "hacker" was many years ago. I would hope that smart hackers (ethical or not) would distance themselves from that "group" in order to avoid any negative fallout it could cause because, as you said, the ones getting the attention are attracting the wrong attention.

    Just my 2 cents. :)

    -Joe @ SecureDragon - LEB's Powered by Wyvern in FL, CO, CA, IL, NJ, GA, TX, and AZ
    Test our network here: Drgn.biz
    Thanked by 1Jar
  • Yeah, looks to me like they just spoofed an email as though it was from Mark Monitor.

    Looking for support, sysadmin, etc. work: PM
    Working on VPSM
  • I'd have to agree with @joepie91 on this one. A sketchy looking screenshot (without even showing the mail headers) and no public word from the companies allegedly involved? Until Google steps up and says "Yeah, this happened", I'm going with faked.

  • makazemakaze Member

    Plus wouldn't the last update for google.com have changed?

    Record last updated on..: 2012-01-29.
    
    Thanked by 1netomx
  • JarJar Member

    Hey guys I hacked lowendtalk.com and I'm now the administrator. Proof? Hold on, let me scan this ID I just drew with crayon.

  • Wolf95Wolf95 Member

    I'm pretty sure MarkMonitor wouldn't send that email. It's composed horribly, and I mean, I could say that I was from mark monitor with something as simple as php's mail function. Whois info should have been updated by now if it was legit.

    http://overclockedhost.com Overclocked Host - XEN VPS starting at $6.99

  • @Adam said: And the award for racist movie of the year has been won!

    I find it interesting that you are apparently claiming that North Koreans are a separate race from South Koreans. Please enlighten us.

    My Advice: : VPS Advice
  • HalfEatenPieHalfEatenPie Member
    edited June 2012

    @raindog308 said: claiming that North Koreans are a separate race from South Koreans

    He was commenting on how they changed it from the Chinese to North Koreans.

    Catalyst Host - Pie Approved!
  • @joepie91 said: Please stop trying to find a way to 'group' or 'label' Anonymous, the only thing it does is make you look silly. You're looking for a definition that does not exist.

    No, you misunderstand.

    Each and every single member/actor of Anonymous, past and present, is a lame, attention-whoring mental teenager. Hence, I feel safe in referring to them collectively this way.

    @joepie91 said: Anonymous is not one coherent group of people with certain goals or ideologies, there are no universal goals, ideologies, or tactics. Period.

    Then it does not exist, which is obviously silly. They can't have it both ways.

    I grant you they have no goal or ideology, beyond "check this out!". However, there are a group or groups of people who hoist the Anonymous standard and self-label, and to them I refer.

    My Advice: : VPS Advice
  • @Aldryic said: A sketchy looking screenshot (without even showing the mail headers) and no public word from the companies allegedly involved? Until Google steps up and says "Yeah, this happened", I'm going with faked.

    It's fake. That is not how Markmonitor's "support system" looks like, not even close to the actual format.

    Additionally, they are referred to and trademarked as MarkMonitor. They're not going to sign their emails with "Mark Monitor"

    Postgres

  • $ whois google.com | grep PONY GOOGLE.COM.ALL.THE.PEOPLE.WHO.SPAM.THE.WHOIS.ARE.SERIOUSLY.ANNOYING.SOMEPONY.COM

    Yes! I'm with Carstensz Pyramid Server Now stop asking me please :D
    Thanked by 1yomero
  • taiprestaipres Member
    edited June 2012

    Effective immediately registrars needs to be forced to implement much more secure methods on domain handling, because i'm tired of hearing about these tards and tired of companies/people getting their domains stolen because registrars don't know what they're doing. They should be legally liable for the damage caused by giving away someones domain to someone else, and they need to implement these laws before the new "everyone create their own TLD" crap starts.
    people should have to verify and confirm any dns etc...changes with multiple emails, and maybe via phone depending on the company before the registrar changes it. They should also impose anti-fraud methods others do for payment stuff, like checking the users IP and location, check proxies, etc...even preventing any logins short of a whitelist of IPS to begin with would be nice.

    http://cheapvpsdeals.net over 80 cheap VPS deals listed, from providers in 14 countries, and 3 continents!

  • Mmmm, looks spoofed, UGNazi havent really talked about it much, and if they really had got full access, they could of easially A) moved the domain to a new registrar, (for le lulz), B) Fucked with DNS and made it essentially break all their services.

    The fact they have done nothing, makes me think this is bullshit, however, They have had some "leaks" not that they're "good leaks" but they're atleast able to say "look, we're somewhat decent with a keyboard...",

    Meh. Waiting for the next "big" hack from them.

  • @justinb said: Additionally, they are referred to and trademarked as MarkMonitor. They're not going to sign their emails with "Mark Monitor"

    I think that is the nail in the coffin

  • JackJack Member

    image

    Not for much longer I guess they gotta find some new hosting now.

  • Fake.

    Here's what a real MarkMonitor email looks like.

    image

  • Nick_ANick_A Member

    @Adam - that would be so funny if it weren't so scary at the same time...

    RamNode: High Performance SSD and SSD-Cached VPS
    New York - Atlanta - Seattle - Netherlands - IPv6 - DDoS Protection - AS3842
  • @raindog308 said: Each and every single member/actor of Anonymous, past and present, is a lame, attention-whoring mental teenager. Hence, I feel safe in referring to them collectively this way.

    Oh, please do come up with a list of all Anonymous 'members' and their associated behaviour. Every single one you said, right?

    @raindog308 said: Then it does not exist, which is obviously silly. They can't have it both ways.

    So "humanity" does not exist then either?

    @raindog308 said: I grant you they have no goal or ideology, beyond "check this out!". However, there are a group or groups of people who hoist the Anonymous standard and self-label, and to them I refer.

    These groups are often perfectly aware that while they can claim to be Anonymous, they cannot claim to define what Anonymous is as a whole. I'd thought that would have been clear by now, but apparently not.

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • gsrdgrdghdgsrdgrdghd Member without signature

    @joepie91 maybe you can tell us... What does Anonymous do apart from kiddy-ddossing?

  • @joepie91 said: So "humanity" does not exist then either?

    A poor comparison, humanity is easily definable.

    On-topic: It seems these people are desperate for some attention if they resolve to faking email. Business not going so well?

  • gsrdgrdghdgsrdgrdghd Member without signature

    image

    Surely this isn't faked...

  • MikHoMikHo Member

    If this would be true, why do Google keep the mailbox ? It would be so easy to "by accident" make a copy and then delete it..

  • AdamAdam Member
    edited June 2012

    @gsrdgrdghd

    I still think it's a fake... A couple things about the email: - If you got fired, why would you use your business email? - Why would you change your signature to "Ex-Client Service Manager"?

    Without email headers, or anything legitimate, there's nothing to believe other than easily faked screenshots.

    From Softpedia:

    Update. Mark Monitor representatives have responded to our inquiry. They deny being breached by UGNazi. As expected, it's not an easy task to gain access to such a high-profile account.

    "These reports are completely false. We protect the domain name portfolios of the most highly trafficked sites so we take security very seriously. However, we cannot control what people claim," said a company representative.

  • gsrdgrdghdgsrdgrdghd Member without signature

    @Adam said: @gsrdgrdghd

    I still think it's a fake..

    Yeah i was being sarcastic :D

  • 1q11q1 Member
    edited June 2012

    http://ugnazi.com/

    Hacked by the injector. lulz! hacked

  • joepie91joepie91 Member
    edited June 2012

    @gsrdgrdghd said: @joepie91 maybe you can tell us... What does Anonymous do apart from kiddy-ddossing?

    HBGary and AnonLeaks. Par-anoia. Crowdleaks. To just name a few things. And let's not forget the origin of the ideological part of Anonymous, being the protests against Scientology. Hell, a few days ago Anonymous Austria leaked internal communication from the Austrian Church of Scientology.

    EDIT: It is also worth mentioning that a considerable part of the non-DDoS ops that Anonymous undertook, have failed. Why? Because those involved in them got so much friction from 'outsiders' that desperately wanted to believe that Anonymous just consists of DDoS kiddies, that it was impossible for them to actually get anything done.

    EDIT2: Oh, let's not forget about how the Occupy movement spread either.

    @Chronic said: A poor comparison, humanity is easily definable.

    Sure, I'll give you a very simple definition of Anonymous then: people that choose to consider themselves Anonymous. There you go.

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • JackJack Member

    The Joys of PHP mail

    Thanked by 1Infinity
  • @1q1 said: Hacked by the injector. lulz!

    Their site doesn't worth all of this fame, apparently.

    Looking for support, sysadmin, etc. work: PM
    Working on VPSM
  • @joepie91 said: Hell, a few days ago Anonymous Austria leaked internal communication from the Austrian Church of Scientology.

    Yea.... no. That is only very small part of their communications, and nothing important. Scientology is likely going to be illegal here in a few months anyway, so it is not like this would matter.

    Opinions/Posts are to be assumed my own/personal and not company related unless obvious
    Working @ EDIS and owning some others (and/or parts of) | Available for consulting | http://as198412.net | https://william.si

Sign In or Register to comment.