By Humphrey Cheung
May 30, 2008
Philadelphia (PA) - Comcast's homepage and webmail were unavailable for
several hours from Wednesday to Thursday after a pair of young hackers
hijacked the company's DNS records. The hackers, going by the names of
Defiant and EBK, also defaced the Comcast.net homepage after they tried
warning Comcast's technical contact about the intrusion. By Thursday
night, all Comcast services seemed to be working normally.
Comcast users reported having problems with their webmail accounts
starting on Wednesday night. According to an interview done by Wired,
the hackers used a security vulnerability and a bit of social
engineering to gain access to Comcast's DNS management page at Network
Solutions. At first, Defiant and EBK just changed some of the DNS
contact information, but then escalated to much more drastic actions
after trying to warn a Comcast manager about the vulnerability - that
manager apparently hung up on the hackers, a very very bad move on his
part if true.
Throughout Wednesday night, the hackers repointed Comcast's DNS entries
and defaced the Comcast.net homepage with "KRYOGENIKS Defiant and EBK
RoXed Comcast sHouTz to VIRUS Warlock elul21 coll1er seven". In all the
hackers had to set up approximately 50 web hosting accounts to handle
the traffic load - as one account reached its bandwidth limit, they
would open another one to take its place.
But while the pair were initially fairly happy at their success, the
Wired interviewer writes that the duo pretty much expect the police to
be busting down their door in the near future.
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com