Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Hacker diverts Comcast traffic

  1. #1
    kondrae's Avatar Trance BT Rep: +19BT Rep +19BT Rep +19BT Rep +19
    Join Date
    Dec 2007
    Posts
    707
    "A hacker or group of hackers diverted Internet traffic from millions of Comcast high-speed Internet customers Wednesday night, fouling up access to Comcast's Web e-mail service as the nation's largest cable company tried to restore its Web site Thursday."

    "Comcast said Thursday that law enforcement authorities are investigating and that it has no evidence that customer information was compromised. But local Internet security experts called it a major security breach that was both breathtaking in scope and baffling at the same time. Comcast is the major provider of cable Internet in the Twin Cities.

    The hacker could have intercepted Comcast e-mail and account information by creating a look-alike Comcast site that would trick users into entering their user names and passwords. Later, the hackers could comb through the information to access Comcast Web page and e-mail accounts.

    Instead, the hackers appeared to be content to simply post a message on a Web page saying, "KRYOGENICS Defiant and EBK RoXed Comcast." "He's just taunting them," said Mike Endrizzi, founder of Security Evolution, an Internet consulting company in Apple Valley.

    "This is pretty major. This isn't like hacking some mom-and-dad Web site. Essentially, this is a security breach," said Jason Miller, security and data team manager for Shavlik Technologies, a security patch management software company in Roseville.

    The incident began about 10 p.m., Wednesday, when "an unauthorized person" redirected Web traffic away from Comcast.net and toward a third-party site, Comcast spokeswoman Mary Beth Schubert said.

    Instead of attacking Comcast's site, the hacker focused on Network Solutions, a Herndon, Va., company that acts like a directory or Yellow Pages for the Internet.

    The person logged in as a Comcast system administrator and changed the flow of Internet traffic away from Comcast.net to an unfinished site under construction at first, and later, apparently, to the site that carried the hacker message, said Susan Wade, director of public relations for Network Solutions.

    "We don't know how anybody got access to that information," Wade said, referring to the system administrator login name and password. "It is unusual that this happened."

    Network Solutions engineers monitoring the network noticed an unusual spike in traffic diverted from the Comcast account and got it pointed in the right direction again within two hours, Wade said.

    However, Comcast's 14.1 million customers had only "intermittent" access to Comcast.net throughout Thursday, Schubert said.
    "Network engineers continue to work to resolve the issue," she said. "It is a top priority to get access back to our customers and we apologize for the inconvenience this has caused."

    Customers could access the rest of the Internet and their Comcast Web mail by downloading it to services like Microsoft Outlook, she said.

    Endrizzi and Miller advised Comcast customers to check their e-mail to see if they are missing messages that they were expecting at that time or missing a large chunk of Web traffic. Companies in particular should not store passwords or sensitive information in their e-mail, they said.

    In spite of themselves, the experts were impressed by the audacity of the attack.

    "That's a beautiful hack," Endrizzi said. "This guy is going to brag about it."

    "They've found a way to go after Comcast without going after Comcast," Miller said.

    "Whoever's done this has definitely walked themselves out there on a plank," he added. "Someone was doing this for notoriety and notoriety is what they're going to get. But it's not going to be the kind of notoriety they'll want."
    _________________________

    Comcast had it coming.

    Source: http://www.twincities.com/ci_9420509
    Last edited by Hairbautt; 05-30-2008 at 08:56 PM.

    Skitt's Law: "any post correcting an error in another post will contain at least one error itself"

  2. News (Archive)   -   #2
    BawA's Avatar FST Pioneer BT Rep: +1
    Join Date
    Jun 2003
    Location
    Some Where but not here
    Age
    41
    Posts
    4,213
    maybe they should had throttled their BW instead of hacking webpage.

    btw owned big time.


    "You can be mad as a mad dog at the way things went; you can swear and curse the fates, but when it comes to the end, you have to let go"
    Benjamen button

  3. News (Archive)   -   #3
    The Flying Cow's Avatar windowlicker BT Rep: +10BT Rep +10
    Join Date
    Jun 2005
    Location
    al-Uxbuna
    Posts
    2,033
    Total PWnage. Hands down.

    Now let's see if they get taken in.

  4. News (Archive)   -   #4
    Poster BT Rep: +1
    Join Date
    Sep 2007
    Posts
    154
    he chose the right ISP. stupid comcast. maybe their techies should spend more time on security and less on throttling torrents

  5. News (Archive)   -   #5
    kondrae's Avatar Trance BT Rep: +19BT Rep +19BT Rep +19BT Rep +19
    Join Date
    Dec 2007
    Posts
    707
    Quote Originally Posted by VillageShaman View Post
    Total PWnage. Hands down.

    Now let's see if they get taken in.

    they did.

    update on story: http://blog.wired.com/27bstroke6/200...t-hijacke.html

    "The computer attackers who took down Comcast's homepage and webmail service for more than five hours Thursday say they didn't know what they were getting themselves into.

    In an hour-long telephone conference call with Threat Level, the hackers known as "Defiant" and "EBK" expressed astonishment over the attention their DNS hijacking has garnered. In the call, the pair bounded freely between jubilant excitement over the impact of their attack, and fatalism that they would soon be arrested for it."

    Skitt's Law: "any post correcting an error in another post will contain at least one error itself"

  6. News (Archive)   -   #6
    BANNED BT Rep: +20BT Rep +20BT Rep +20BT Rep +20
    Join Date
    May 2007
    Posts
    1,438
    ZOMG!


    Pwned!



    Shame they got caught..


  7. News (Archive)   -   #7
    tknaught's Avatar +3 dB BT Rep: +2
    Join Date
    Apr 2008
    Posts
    144
    Is this really hacking? They probably go the account credentials through social engineering or something.

  8. News (Archive)   -   #8
    BANNED BT Rep: +12BT Rep +12BT Rep +12
    Join Date
    Dec 2007
    Location
    The Cosmos
    Age
    35
    Posts
    86
    hacking is just an umbrella term dude

  9. News (Archive)   -   #9
    well deserved since they throttle BT traffic.

  10. News (Archive)   -   #10
    lostdemon's Avatar Poster BT Rep: +1
    Join Date
    Nov 2007
    Posts
    733
    It sucks that they got caught. Maybe they'll get offered a job with the company after it's all said and done to help prevent it from happening again.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •