Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Google-another victim of ugnazi.
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Google-another victim of ugnazi.

TazTaz Member
edited June 2012 in General

UGNazi Hijacks Google.com Domain June 14, 2012 – In a most bold move, the hacker group UGNazi hijacked the Google.com domain on June 11th, redirecting administrative ownership to one of the member's Gmail account [email protected]. Had UGNazi wanted to, they could have interrupted all services that Google.com supports including the company's flagship search engine offering. UGNazi members successfully socially engineered their way to administrative control of Google.com by manipulating Google's registrar MarkMonitor. Mark Monitor is a brand protection organization whose services include Domain Management. In a statement UGNazi said the following: "So, Today, we are releasing our statement on that no one on the Internet is safe from UGNazi. On June 11th we gained access to Google's MarkMonitor account. Our email address, [email protected], was successfully updated on Google's Mark-Monitor Account. The agent that helped us reset the account should get some what of credit, she helped us a lot on resetting Google's MarkMonitor account :)." "P.S. Google, i suggest you move to a more secure registrar, but then again, we are Social Engineering Gods. So, this just goes to show, even Google can be Social Engineered." UGNazi also released a screenshot of an Account Change Request email from MarkMonitor that confirms UGNazi's claims. There has been no statement from either MarkMonitor or Google at this time.
http://www.batblue.com/page.php?104#UGNazi_Google

«1

Comments

  • CoreyCorey Member

    Wow - that was pretty bad A - why didn't they monetize that?

  • TazTaz Member

    They want to join Anonymous ( ethical hacker) so I guess that was the reason?

  • netomxnetomx Moderator, Veteran

    Wow, wtf with this new guys, hostGator and now Mark Monitor?! If I were Google, I would change them immediatly.

  • TazTaz Member

    I bet too. I believe and that google monitors everything.
    I think providers need to be a bit more careful (WHMCS and Google in both case) to who they are giving their clients informations to. (Valid photo id and utility bill should be a requirement I think).

  • Now that looks like too much of a high profile operation against a company with too much capital. They gonna get fucked.

  • raindog308raindog308 Administrator, Veteran
    edited June 2012

    @NinjaHawk said: They want to join Anonymous ( ethical hacker

    There is nothing ethical about Anonymous skiddies.

    No doubt there will be some lame justification offered for this attack, as they did in their whmcs attack. The real purpose is teenage "look at me!" silliness.

  • AdamAdam Member

    MarkMonitor: Let me see your identification.

    UGNazi: [with a small wave of his hand] You don't need to see his identification.
    MarkMonitor: We don't need to see his identification.

    ...

    UGNazi: He can go about his business.

    MarkMonitor: You can go about your business.
    UGNazi: Move along.
    MarkMonitor: Move along... move along.

    Thanked by 3klikli jar Nick_A
  • prometeusprometeus Member, Host Rep

    all this social "hack" remember me the war games movie :-)

  • netomxnetomx Moderator, Veteran
    < title >MarkMonitor | Brand Protection, Domain Management, Anti Piracy, Anti Frau< / title > 

    LOL

  • AdamAdam Member
    edited June 2012

    @prometeus

    I blame David (Broderick) for 'Red Dawn' happening :-P

    EDIT: HAHAHA! They're remaking Red Dawn with the plot "A group of teenagers look to save their town from an invasion of North Korean soldiers."... And the award for racist movie of the year has been won!

    http://www.imdb.com/title/tt1234719/

    ^ Was originally "China" invading, but changed it

  • KuJoeKuJoe Member, Host Rep
    edited June 2012

    So, this just goes to show, even Google can be Social Engineered.

    How in the world do they not know the definition of social engineering when they are apparently always using it?

    Also, they need to social engineer an editor or a high school English class.

  • @KuJoe said: How in the world do they not know the definition of social engineering when they are apparently always using it?

    Because they think their epic h4ck3rs when all they do is use social engineering.

  • if this is true I am surprised it isnt more in the public domain news.bbc.co.uk

  • joepie91joepie91 Member, Patron Provider
    edited June 2012

    I'm calling bullshit on this one.

    1. Anyone can fake a screenshot with developer tools in any modern browser.
    2. Would MarkMonitor really send out an e-mail with such mediocre English - that looks suspiciously much like the writing style of UGNazi itself?
    3. Why would they have changed the e-mail address and then not do anything with the domain whatsoever?
    4. Do you really think that MarkMonitor would let such a change go through, and then not sound the alarm bells when the contact e-mail is changed to some random GMail address?
    5. Why has there not been a statement from either Google or MarkMonitor, not even one denying it?

    @NinjaHawk said: Anonymous ( ethical hacker)

    @raindog308 said: There is nothing ethical about Anonymous skiddies.

    I can't believe I still have to explain this, but Anonymous is not one coherent group of people with certain goals or ideologies, there are no universal goals, ideologies, or tactics. Period. No exceptions. No, Anonymous is not universally for internet freedom. No, Anonymous is not universally skiddie-oriented. That some people shout the loudest does not mean they are representative.

    Please stop trying to find a way to 'group' or 'label' Anonymous, the only thing it does is make you look silly. You're looking for a definition that does not exist.

  • KuJoeKuJoe Member, Host Rep
    edited June 2012

    @joepie91 In the court of public opinion Anonymous has already been grouped and labeled by the media, IT professionals, and the public (both educated and uneducated). At this point the collective known as Anonymous has been tarnished beyond repair like the title "hacker" was many years ago. I would hope that smart hackers (ethical or not) would distance themselves from that "group" in order to avoid any negative fallout it could cause because, as you said, the ones getting the attention are attracting the wrong attention.

    Just my 2 cents. :)

    Thanked by 1jar
  • Yeah, looks to me like they just spoofed an email as though it was from Mark Monitor.

  • I'd have to agree with @joepie91 on this one. A sketchy looking screenshot (without even showing the mail headers) and no public word from the companies allegedly involved? Until Google steps up and says "Yeah, this happened", I'm going with faked.

  • makazemakaze Member

    Plus wouldn't the last update for google.com have changed?

    Record last updated on..: 2012-01-29.
    
    Thanked by 1netomx
  • jarjar Patron Provider, Top Host, Veteran

    Hey guys I hacked lowendtalk.com and I'm now the administrator. Proof? Hold on, let me scan this ID I just drew with crayon.

  • Wolf95Wolf95 Member

    I'm pretty sure MarkMonitor wouldn't send that email. It's composed horribly, and I mean, I could say that I was from mark monitor with something as simple as php's mail function. Whois info should have been updated by now if it was legit.

  • raindog308raindog308 Administrator, Veteran

    @Adam said: And the award for racist movie of the year has been won!

    I find it interesting that you are apparently claiming that North Koreans are a separate race from South Koreans. Please enlighten us.

  • HalfEatenPieHalfEatenPie Veteran
    edited June 2012

    @raindog308 said: claiming that North Koreans are a separate race from South Koreans

    He was commenting on how they changed it from the Chinese to North Koreans.

  • raindog308raindog308 Administrator, Veteran

    @joepie91 said: Please stop trying to find a way to 'group' or 'label' Anonymous, the only thing it does is make you look silly. You're looking for a definition that does not exist.

    No, you misunderstand.

    Each and every single member/actor of Anonymous, past and present, is a lame, attention-whoring mental teenager. Hence, I feel safe in referring to them collectively this way.

    @joepie91 said: Anonymous is not one coherent group of people with certain goals or ideologies, there are no universal goals, ideologies, or tactics. Period.

    Then it does not exist, which is obviously silly. They can't have it both ways.

    I grant you they have no goal or ideology, beyond "check this out!". However, there are a group or groups of people who hoist the Anonymous standard and self-label, and to them I refer.

  • @Aldryic said: A sketchy looking screenshot (without even showing the mail headers) and no public word from the companies allegedly involved? Until Google steps up and says "Yeah, this happened", I'm going with faked.

    It's fake. That is not how Markmonitor's "support system" looks like, not even close to the actual format.

    Additionally, they are referred to and trademarked as MarkMonitor. They're not going to sign their emails with "Mark Monitor"

  • $ whois google.com | grep PONY
    GOOGLE.COM.ALL.THE.PEOPLE.WHO.SPAM.THE.WHOIS.ARE.SERIOUSLY.ANNOYING.SOMEPONY.COM

    Thanked by 1yomero
  • taiprestaipres Member
    edited June 2012

    Effective immediately registrars needs to be forced to implement much more secure methods on domain handling, because i'm tired of hearing about these tards and tired of companies/people getting their domains stolen because registrars don't know what they're doing. They should be legally liable for the damage caused by giving away someones domain to someone else, and they need to implement these laws before the new "everyone create their own TLD" crap starts.


    people should have to verify and confirm any dns etc...changes with multiple emails, and maybe via phone depending on the company before the registrar changes it. They should also impose anti-fraud methods others do for payment stuff, like checking the users IP and location, check proxies, etc...even preventing any logins short of a whitelist of IPS to begin with would be nice.

  • Mmmm, looks spoofed, UGNazi havent really talked about it much, and if they really had got full access, they could of easially A) moved the domain to a new registrar, (for le lulz), B) Fucked with DNS and made it essentially break all their services.

    The fact they have done nothing, makes me think this is bullshit, however, They have had some "leaks" not that they're "good leaks" but they're atleast able to say "look, we're somewhat decent with a keyboard...",

    Meh. Waiting for the next "big" hack from them.

  • @justinb said: Additionally, they are referred to and trademarked as MarkMonitor. They're not going to sign their emails with "Mark Monitor"

    I think that is the nail in the coffin

  • Fake.

    Here's what a real MarkMonitor email looks like.

    image

  • Nick_ANick_A Member, Top Host, Host Rep

    @Adam - that would be so funny if it weren't so scary at the same time...

Sign In or Register to comment.