I think these youths are reading too much hacking magazines.
I think these youths are reading too much hacking magazines.
Good work guys (Chris and Sandor). Hope Chris will do a follow up on this- What the guys at infoExchange have to say about this and what steps they are taking to prevent a future occurrence, even if they have nothing to say we want to know.
Looking forward to that.
[quote author=DarkAngel link=board=27;threadid=1984;start=15#msg19711 date=1065452150]Good work guys (Chris and Sandor). Hope Chris will do a follow up on this- What the guys at infoExchange have to say about this and what steps they are taking to prevent a future occurrence, even if they have nothing to say we want to know.
Looking forward to that.[/quote]
Thanks DA.
I'll contact them and give them the opportunity to respond.
Hey Chris, call me an opportunist, but do you see a major advertisement opportunity for TechJ in this? Or am I spending too much time looking at multiplicities of possibilities with everything? ;D
[quote author=Ropy link=board=27;threadid=1984;start=15#msg19710 date=1065451996]
I think these youths are reading too much hacking magazines.
[/quote]
- Ropy, you seem jealous that they know more than you do ;D
Our investigations at Info Exchange led to an unauthorized user from the Brazilian region of RIO Grande DU SUL in the city of Porto Alegre. We have secured all the evidence and have forwarded such to the relevant authorities for further investigation.
I want to thank you guys for the work you do at techjamaica especially Chris and Black Crypto even though my team was on top of the issue within a few minutes. My team was also instructed to secure the web servers first and then to secure the evidence.
Our clients, some immediately, were back in full force by 8 a.m. this morning when we decided that everything was cool.
As we all know, security is not a point in time solution but exists on a continuum and we at Info Exchange recognize and acknowledge that fact.
Thanks again
good luck with that .. hope its not like a couple of years ago when i was using cwjamaica dialup and another cwjamaica dialup customer tried to drop a trojan on my computer. i gave cwjamaica tech support the exact time and the ip address of the attack. dunno why i thought cwjamaica would be able to use those two bits of evidence to link it back to a particular username .... anyhow, they kindly informed me that they couldn't. wonder if this is still the caseOur investigations at Info Exchange led to an unauthorized user from the Brazilian region of RIO Grande DU SUL in the city of Porto Alegre. We have secured all the evidence and have forwarded such to the relevant authorities for further investigation.
What security hole made your host vulnerable to this hack?
[quote author=igodit link=board=27;threadid=1984;start=15#msg19757 date=1065467942]
What security hole made your host vulnerable to this hack?
[/quote]
It was a weak password setting on one of our client maintained sites. Our servers are always being probed by hackers looking for a security hole and we have been able to ward them off so far until last night. Based on a client request, it was the only site with front page extensions and it also had a weak password setting.
All our other sites evidently have very strong passwords except for this one with Front page extensions attached to it. I can categorically state that it was not a O/S vulnerability exploit and our other security measures including patches thwarted the attacker from planting any trojan horses on our servers. We suffered web site defacement and that was the extent of his/her exploit.
Uwill, good to hear things are back under control.
What's the general attitude toward IT security among the organizations you've interacted with? What do you think can be done to make improvements in that area?
Hi uwill, thanks for coming on and explaining it to us. We all know, especially me, what these idlers can cause and cost.
All the best in recovering and holding the culprits accountable. We hope to see MORE of you around other than posting about this issue