BreachExchange mailing list archives
Got $500? You can buy a hacked U.S. military website
From: security curmudgeon <jericho () attrition org>
Date: Mon, 24 Jan 2011 05:00:05 -0600 (CST)
[Note the paragraph starting "The hacker is also selling.." - jericho] ---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.computerworld.com/s/article/9205905/Got_500_You_can_buy_a_hacked_U.S._military_website By Robert McMillan IDG News Service January 21, 2011 If you're a criminal looking for full control of the Web used by the U.S. Army's Communications-Electronics Command (CECOM), you can get it for just under US$500. At least that's what one hacker is offering in underground forums. Security vendor Imperva found the black market sales pitch Thursday and posted details of the incident on Friday. The hacker says he has control over a number of websites, including other military sites, government sites, and those belonging to universities, said Noa Bar-Yosef, Imperva senior security strategist. Prices range from $33 to $499, depending on how important or widely used the website is. "You can actually buy the capability of being the administrator of the website," she said. The hacker is also selling databases of personal information he's stolen from the websites for $20 per thousand records, she said. That data could be used by spammers, or by fraudsters to break into online accounts. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Got $500? You can buy a hacked U.S. military website security curmudgeon (Jan 24)