ImageShack was hacked…
As some of you may have noticed, news about ImageShack being hacked has started to circulate today. While I tried to see this for myself, part of the damage has been fixed; I say part because the ImageShack blog still throws database connection errors…
Even if this may have been worse for users who store their images there (myself included), there is more to it than meets the eye.
Like the attack on Astalavista, this one was also performed by the anti-sec group (groups, there could be more) and only makes me think there will be more attacks.
The message which was present on ImageShack’s website after the attack.
As you may have read their manifesto, hacking ImageShack does not conform to their goal…
How do we plan to achieve this? Through the full and unrelenting, unmerciful elimination of all supporters of full-disclosure and the security industry in its present form. If you own a security blog, an exploit publication website or you distribute any exploits…
Furthermore, they don’t see the irony of their actions. The more they are going to hack security unrelated websites (like ImageShack) the more are they going to spread FUD. And it’s needles to say that more FUD equals more work for the whitehats that they so much despise.
And they are good at spreading FUD! After the Astalavista hack OpenSSH exploit FUD spread online like plague.
The only way I would go about vulnerability disclosure would be trough responsible one… Mentioning that I would be responsible only if the given vulnerability could affect me; otherwise I wouldn’t really care… that’s just me.
Even with all that said, there is one common ground where I can relay with them, concerning PoC code that script kiddies copy-pasta for mass sploitation… PoC should be only left for innovative/new techniques and not for every *dangerous* exploit out there.
Like any online movement it has it’s pros and cons; some didn’t/don’t understand the: VX, Zeitgeist, Anonymous (it is a movement, sort of) or any other movement; so why understand the Anti-sec one, right?
It seems someone forgot to upgrade to the latest openssh version, according to some security experts, the latest version is not targeted with this “private” openssh exploit.
It is RedHat that need to provide latest openssh. With RHEL, they provide old version of openssh, don’t know why that are too lazy to provide latest openssh ?